Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025.
In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’. Superstar used his botnet to run a pay-per-install service, enabling customers to gain access to victims’ machines. Customers used the service to deploy malware for their own criminal activities. Investigations revealed that botnet access was purchased for a range of purposes, including keylogging, webcam access, ransomware deployment, cryptomining and more.
Source: Europol
