Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025.
In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’. Superstar used his botnet to run a pay-per-install service, enabling customers to gain access to victims’ machines. Customers used the service to deploy malware for their own criminal activities. Investigations revealed that botnet access was purchased for a range of purposes, including keylogging, webcam access, ransomware deployment, cryptomining and more.
Read more…
Source: Europol
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- INTERPOL: Major cybercrime operation nets 1,006 suspects
November 26, 2024
LYON, France – Authorities across 19 African countries have arrested 1,006 suspects and dismantled 134,089 malicious infrastructures and networks thanks to a joint operation by INTERPOL and AFRIPOL against cybercrime. Operation Serengeti (2 September – 31 October) targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online scams – all identified as prominent threats ...
- Internet, mobile services disrupted in major cities, including Karachi, Islamabad
November 24, 2024
Communication services across Pakistan are hit by significant disruptions as the Pakistan Tehreek-e-Insaf (PTI) gears up for its much-anticipated “do-or-die” protest in Islamabad. Major cities like Karachi, Islamabad, and Rawalpindi have reported interruptions in mobile internet and other services, causing inconvenience for residents and businesses alike. These outages are part of the government’s intensified security measures ...
- UK: Prison layouts reportedly leaked on dark web
November 23, 2024
The Ministry of Justice has said it is aware of a data breach affecting prisons in England and Wales. Confidential prison layouts had been leaked onto the dark web in the past two weeks, according to The Times. A former prison governor told the paper organised crime groups could potentially use the information to smuggle drugs ...
- Elon Musk to British MPs: I’ll summon you, actually
November 21, 2024
Elon Musk is beefing with British politicians again — and they’re not impressed. The X owner and Donald Trump ally brushed off a call from the House of Commons’ science and technology committee to answer questions on his role in riots that swept the U.K. this summer. Committee chair Chi Onwurah told POLITICO this week that ...
- US charges five in ‘Scattered Spider’ hacking scheme
November 20, 2024
U.S. prosecutors unveiled criminal charges on Wednesday against five alleged members of Scattered Spider, a loose-knit community of hackers suspected of breaking into dozens of U.S. companies to steal confidential information and cryptocurrency. Martin Estrada, the U.S. Attorney in Los Angeles, said the defendants conducted phishing attacks by sending bogus but real-looking mass text messages to ...
- FBI: Easy Access to Information for Conducting Fraudulent Emergency Data Requests Impacts US-Based Companies and Law Enforcement Agencies
November 4, 2024
The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification to highlight a trend of compromised US and foreign government email addresses used to conduct fraudulent emergency data requests to US-based companies, exposing personally identifying information (PII). While the concept of fraudulent emergency data requests was previously used by other threat actors, such as ...