Global law enforcement agencies bring down Avalanche botnet network
A botnet network at one stage responsible for two-thirds of all phishing attacks globally has been brought down following a four-year investigation by global law enforcement agencies.
The Avalanche network is estimated to involve hundreds of thousands of infected computers worldwide. As part of the takedown, officials seized command and control servers and took control of more than 800,000 Internet domains used by the botnet, which had been in operation in some form since 2009 and had spread at least 24 different malware variants.
Five individuals were arrested as part of the takedown, with 37 premises searched, 39 servers seized and 221 servers taken offline through abuse notifications sent to the hosting provider.
The network was brought down with the assistance of the Lüneburg Police in Germany in close cooperation with the United States Attorney’s Office for the Western District of Pennsylvania, the Department of Justice and the FBI, Europol, Eurojust and global partners, along with additional assistance from INTERPOL, the Shadowserver Foundation, Registrar of Last Resort, ICANN and multiple domain name registries.
Victims of malware infections spread by the Avalanche network have been identified in over 180 countries, a staggering figure given that there are only 195 countries in the world today, excluding Taiwan. Initially starting with fake bank emails, the network evolved over time to distribute a variety of phishing attacks including “police ransomware,” malware that spoofs a message from law enforcement claiming the victim’s system had been distributing illegal pornography, then demands a ransom to unlock the infected computer.
“The Avalanche network, which has been operating since at least 2010, is estimated to involve hundreds of thousands of infected computers worldwide,” the Department of Justice said in a media release. “The monetary losses associated with malware attacks conducted over the Avalanche network are estimated to be in the hundreds of millions of dollars worldwide, although exact calculations are difficult due to the high number of malware families present on the network.”
The Justice Department added that there would be additional information on the dismantling of Avalanche provided early next week.