
Bitdefender joins Europol and partners to support victim disinfection after dismantling of international criminal ring Avalanche

Bogdan BOTEZATU

December 01, 2016


Do your part for a safer Internet and scan your devices for these now-extinct threats using the free tool provided by Bitdefender.

On November 30, a thorough investigation code-named Operation Avalanche materialized in an extremely complex, cross-jurisdiction, cross-industry clean-up effort. The project, coordinated by Europol and supported by partner anti-malware vendors, targeted malware families that have wrought havoc in the past years and inflicted significant damage on computer users all over the world.

Operation Avalanche targets 20 different malware families: both old (yet functioning) botnets such as Goznym, Marcher, Dridex, Matsnu, URLZone, XSWKit and Pandabanker, and newer (yet better-known) threats such as the Cerber or Teslacrypt ransomware strains. Throughout their operation, they managed to extort roughly hundreds of millions of Euro worldwide, although the extent of the damage can't be accurately determined because of the high volume of operations managed through the Avalanche platform.

As part of the operation, Europol and its global partners seized, sinkholed or blocked over 800,000 web domains used by malware to call back home, confiscated over 30 servers and took more than 220 servers offline via abuse notification protocols. All these efforts ensure that the command and control mechanisms for the target botnets are disrupted and infected bots can't call home for new instructions.

Along with the pursuit of justice in a number of court cases, the purpose of this massive mobilization of forces is to provide comprehensive clean-up for the targeted malware families, which ensures that malware won't persist on the victims' computers after its command-and-control centers have been taken down.

Why is cleanup necessary?

After the command and control centers are rendered inoperable, bots on the infected computers usually can't inflict any direct damage. However, their attempts to get in touch with the command and control centers for further instructions not only waste precious CPU cycles, but also generate junk internet traffic. At other times, such bots modify the current configuration of the computer, which may prevent it from connecting to the internet or accessing specific resources. A well-known example of such behavior is the DNS Changer Trojan, which made it impossible for some 25,000 computers to access the Internet after its command and control center had been shut down.

“Removal is a critical step that victims need to take in order to ensure the extinction of these malware families. Even if our products have successfully detected these threats since their emergence, the removal tool we built as part of the cooperation with Europol allows victims running other security solutions – or no solution at all – to successfully disinfect their machines and clean up after the botnet”, said Catalin Cosoi, Chief Security Strategist at Bitdefender.

If you have any doubts that your computer might be part of any of these botnets or if you want to run a quick check, we advise that you download the removal tool and run a full system scan. Alternatively, if you are not running a security solution on your computer, you might want to install a full antimalware suite such as the Bitdefender Total Security Multi-Device for continuous protection against malware.

Our biggest thanks go to the Bitdefender antimalware team in the Iasi office, who worked around the clock to provide free removal and disinfection for all the malware families that were the object of yesterday's takedown: Dan Anton – Technical Project Manager, Antimalware Laboratory; Bogdan Prelipcean – Technical Leader, Antimalware Laboratory; George Jescu – Technical Leader, Antimalware Laboratory; Adrian Popescu – Team Leader, Antimalware Laboratory; Bogdan Timofte – Senior Malware Researcher; Eduard Budaca – Junior Malware Researcher; Andrei Nacu – Team Leader, Antimalware Laboratory; Alexandru Munteanu – Junior Malware Researcher; Lucian Alexandru – Junior Malware Researcher.
