Investigators take down the Avalanche botnet

December 2, 2016 // 10:27 a.m.


Avalanche, claimed to be one of the largest malware management platforms in history, has been dismantled in the culmination of a four-year investigation by an international team.

Following more than four years of research, the Public Prosecutor’s Office Verden, the German Lüneburg Police, the United States Attorney's Office for the Western District of Pennsylvania, the US Department of Justice, the FBI, Eurojust, Europol, and unnamed 'global partners' have reportedly shut down the Avalanche malware network. Involving prosecutors and investigators spread over 30 countries, the investigation has resulted in five arrests, 37 premises being searched, and the seizure of 39 servers, while a further 221 servers were deactivated and infections were identified across 180 countries. The investigation also resulted in over 800,000 domains used for Avalanche being 'seized, sinkholed, or blocked.'

The Avalanche network, the investigators claim, had been running since 2009 as a command and control system for malware, phishing, and spam activities, and was responsible for sending out more than a million email messages every week. Its operation came to the attention of German police in 2012, when it was traced as the source of a particularly successful ransomware attack, and the network is estimated to have controlled a botnet of 500,000 infected machines at its peak.

'Avalanche has been a highly significant operation involving international law enforcement, prosecutors and industry resources to tackle the global nature of cybercrime. The complex trans-national nature of cyber investigations requires international cooperation between public and private organisations at an unprecedented level to successfully impact on top-level cybercriminals,' claimed Rob Wainwright, director of Europol, of the investigation. 'Avalanche has shown that through this cooperation we can collectively make the Internet a safer place for our businesses and citizens.'

'Today marks a significant moment in the fight against serious organised cybercrime, and exemplifies the practical and strategic importance of Eurojust in fostering international cooperation,' added Eurojust president Michèle Coninsx. 'Together with the German and US authorities, our EU and international partners, and with support from Eurojust and Europol’s EC3, Avalanche, one of the world’s largest and most malicious botnet infrastructures, has been decisively neutralised in one of the biggest takedowns to date.'

More information on the investigation is available from Eurojust's official press release.