Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025.
In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’. Superstar used his botnet to run a pay-per-install service, enabling customers to gain access to victims’ machines. Customers used the service to deploy malware for their own criminal activities. Investigations revealed that botnet access was purchased for a range of purposes, including keylogging, webcam access, ransomware deployment, cryptomining and more.
Source: Europol
