Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025.
In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’. Superstar used his botnet to run a pay-per-install service, enabling customers to gain access to victims’ machines. Customers used the service to deploy malware for their own criminal activities. Investigations revealed that botnet access was purchased for a range of purposes, including keylogging, webcam access, ransomware deployment, cryptomining and more.
Read more…
Source: Europol
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Dmitry Khoroshev named as alleged leader of ransomware gang LockBit
May 7, 2024
The alleged leader of what was once the world’s largest ransomware outfit, LockBit, has been named as Russian national Dmitry Khoroshev by the UK’s National Crime Agency (NCA), after the seizure of the criminal gang’s infrastructure. Khoroshev, who lived his online life under the name LockBitSupp, has been sanctioned by the UK, US and Australia as ...
- US rejecting dialogue on cyber sphere with Russia undermines information security
May 4, 2024
The US administration rejecting dialogue with Moscow on the cyber sphere undermines international information security, Russian Ambassador to Washington Anatoly Antonov said on the embassy’s Telegram channel. “We regard such statements as another example of megaphone diplomacy and evidence of Washington’s irrepressible desire to accuse Russia of all mortal sins. We have repeatedly told the US: ...
- Ukrainian man sentenced for extorting $700m in REvil ransomware attacks
May 2, 2024
A Ukrainian man has been sentenced to 13 years and seven months in prison for his role in conducting more than 2,500 ransomware attacks across the globe. Yaroslav Vasinskyi, 24, demanded more than $700 million in ransom payments for data he stole from his victims, or he would publicly release it. He was also ordered to ...
- Australia: Cybercrime detectives arrest man following alleged 1 million NSW clubs customer records data breach
May 2, 2024
A Sydney man has been arrested by police over an alleged data breach of personal information of members and patrons from at least 17 licensed clubs in New South Wales and the ACT. An unauthorised website claimed to have published online the personal details of many customers, with a threat to publish those of more than ...
- Polish minister says government used spyware against hundreds of people
April 25, 2024
The use of spyware in Poland under the previous government resulted in accusations that the authorities were abusing power and eroding democratic guardrails. Poland’s prosecutor general said on Wednesday that Pegasus spyware was used against hundreds of people during the former Polish government. Adam Bodnar told lawmakers that he found the scale of the surveillance to ...
- UK: Personal details of 200,000 people at risk after neighbourhood watch system data breach
April 24, 2024
The names, email addresses and telephone numbers of up to 200,000 people could have been obtained by hackers following a major data breach at a police-backed alert system. Bosses at the company which manages the ‘In The Know’ alert system, which is used by Lancashire Police and Lancashire Fire and Rescue Service, have apologised. Read more… Source: MSN ...