Europol, the European Union’s law enforcement agency, has helped dismantle a huge cybercrime network during Operation Avalanche.
After more than four years of investigation, the German police, along with Europol, the US Department of Justice and the FBI, have crushed the malware and ransomware network (botnet).
More than 800,000 domain names have been seized, blocked or null-routed in the process; 5 individuals were arrested, 37 premises were searched, and 39 servers were seized, with a further 221 servers put offline through abuse notifications sent to hosting providers.
Officers from the UK’s National Crime Agency took down 2,210 Avalanche domains that had a .co.uk address.
Victims of malware infections were identified in over 180 countries worldwide. The criminal groups have been using the Avalanche infrastructure since 2009 for conducting malware, phishing and spam activities. They sent more than 1 million e-mails with malicious attachments or links every week to unsuspecting victims.
According to Europol, the malware campaigns that were distributed through this network include around 20 different malware families such as goznym, marcher, matsnu, urlzone, xswkit, and pandabanker.
The Avalanche network was used as a delivery platform to launch and manage mass global malware attacks and money mule recruiting campaigns, causing an estimated 6 million Euro in damages to online banking systems in Germany alone.
The money mule schemes operating over Avalanche involved highly organized networks of “mules” who purchased goods with stolen funds, enabling cybercriminals to launder the money they acquired through the attacks.
ICANN and domain registries were also involved in the takedown process, according to the Europol report, which arrives with detailed infographics.
Good riddance to bad rubbish.
Joseph – I wonder what TLDs they registered for this massive scam.