Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025.
In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’. Superstar used his botnet to run a pay-per-install service, enabling customers to gain access to victims’ machines. Customers used the service to deploy malware for their own criminal activities. Investigations revealed that botnet access was purchased for a range of purposes, including keylogging, webcam access, ransomware deployment, cryptomining and more.
Source: Europol
