International Operation Shuts Down Massive Malware Network

Published: 02 December 2016

(Photo: Jochen Zick, CC BY-ND 2.0.)

By Igor Spaic

An operation by 40 countries shut down a cybercrime network that used malware to steal hundreds of millions of dollars from email users around the world, law enforcement agencies announced Thursday.

The network, known as Avalanche, had since at least 2010 bombarded users in over 180 countries with emails that contained malicious attachments and links.

The operation involved the arrest on Wednesday of five people and searches of 37 locations. At least 39 servers involved in the network were seized, and over 800,000 domains were seized, blocked or “sinkholed,” meaning that traffic was redirected to law enforcement servers.

Wednesday’s coordinated shutdown follows a four-year investigation that started in Germany. The network used as many as 500,000 infected computers per day in its botnet, a group of computers under the control of malware.

The head of Europol's Cybercrime Center, Fernando Ruiz, told the Associated Press that the operation differed from many previous crackdowns on similar cybercrime networks, in which much of the infrastructure and key suspects were left intact.

“We have arrested the top, the head of the snake,” Ruiz said.