Warzone is a Remote Access Trojan (RAT) that is sold on a publicly available website as opposed to on the dark web, as a Malware-as-a-Service (MaaS) subscription-based platform. The initial subscription to the malware’s basic RAT builder is rather inexpensive, as it is designed to be targeted towards novice threat-actors.
Advanced features such as a rootkit, hidden process capability, premium dynamic DNS (DDNS), and customer support are available with the upgraded subscription. This premium version is called “Poison”, and it’s sold at a higher fee for a three-month subscription.
Threat actors can also choose to purchase builders for document-based exploit delivery, including a recently disclosed 2021 XLL Excel exploit that the malware author claims are fully undetected.
Read more on Warzone RAT in our latest blog:
Credit: YouTube/BlackBerry