
Bitdefender joins Europol and partners to support victim disinfection after dismantling of international criminal ring Avalanche

Bogdan BOTEZATU

December 01, 2016

Do your part for a safer Internet and scan your devices for these now-extinct threats using the free tool provided by Bitdefender.

On November 30, a thorough investigation code-named Operation Avalanche culminated in an extremely complex, cross-jurisdiction, cross-industry clean-up effort. The project, coordinated by Europol and supported by partner anti-malware vendors, targeted malware families that have wrought havoc over the past years and inflicted significant damage on computer users all over the world.

Operation Avalanche targets 20 different malware families: both old (yet functioning) botnets such as Goznym, Marcher, Dridex, Matsnu, URLZone, XSWKit and Pandabanker, and newer, yet better-known, threats such as the Cerber or Teslacrypt ransomware strains. Throughout their operation, they managed to extort roughly hundreds of millions of euros worldwide, although the extent of the damage can't be accurately determined because of the high volume of operations managed through the Avalanche platform.

As part of the operation, Europol and its global partners seized, sinkholed or blocked over 800,000 web domains used by malware to call back home, confiscated over 30 servers and took more than 220 servers offline via abuse notification protocols. All these efforts ensure that the command and control mechanisms for the targeted botnets are disrupted and infected bots can't call home for new instructions.

Along with the pursuit of justice in a number of court cases, the purpose of this massive mobilization of forces is to provide comprehensive clean-up for the targeted malware families, which ensures that malware won't persist on the victims' computers after its command-and-control centers have been taken down.

Why is cleanup necessary?

After the command and control centers are rendered inoperable, bots on the infected computers usually can't inflict any direct damage. However, their attempts to get in touch with the command and control centers for further instructions would not only waste precious CPU cycles, but also generate junk internet traffic. At other times, such bots modify the current configuration of the computer, which may prevent it from connecting to the internet or accessing specific resources. A well-known example of such behavior is the DNS Changer Trojan, which made it impossible for some 25,000 computers to access the Internet after its command and control center had been shut down.

“Removal is a critical step that victims need to take in order to ensure the extinction of these malware families. Even if our products have successfully detected these threats since their emergence, the removal tool we built as part of the cooperation with Europol allows victims running other security solutions – or no solution at all – to successfully disinfect their machines and clean up after the botnet”, said Catalin Cosoi, Chief Security Strategist at Bitdefender.

If you have any doubts that your computer might be part of any of these botnets or if you want to run a quick check, we advise that you download the removal tool and run a full system scan. Alternatively, if you are not running a security solution on your computer, you might want to install a full antimalware suite such as the Bitdefender Total Security Multi-Device for continuous protection against malware.

Our biggest thanks go to the Bitdefender antimalware team in the Iasi office who worked around the clock to provide free removal and disinfection for all the malware families that were the object of yesterday's takedown: Dan Anton – Technical Project Manager, Antimalware Laboratory; Bogdan Prelipcean – Technical Leader, Antimalware Laboratory; George Jescu – Technical Leader, Antimalware Laboratory; Adrian Popescu – Team Leader, Antimalware Laboratory; Bogdan Timofte – Senior Malware Researcher; Eduard Budaca – Junior Malware Researcher; Andrei Nacu – Team Leader, Antimalware Laboratory; Alexandru Munteanu – Junior Malware Researcher; Lucian Alexandru – Junior Malware Researcher.
