Operation Endgame follow-up leads to five detentions and interrogations as well as server takedowns


Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025.

In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’. Superstar used his botnet to run a pay-per-install service, enabling customers to gain access to victims’ machines. Customers used the service to deploy malware for their own criminal activities. Investigations revealed that botnet access was purchased for a range of purposes, including keylogging, webcam access, ransomware deployment, cryptomining and more.

Source: Europol

