Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025.
In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’. Superstar used his botnet to run a pay-per-install service, enabling customers to gain access to victims’ machines. Customers used the service to deploy malware for their own criminal activities. Investigations revealed that botnet access was purchased for a range of purposes, including keylogging, webcam access, ransomware deployment, cryptomining and more.
Read more…
Source: Europol
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Google teams up with Stop Scams to tackle financial fraud in the UK
May 8, 2021
Google has joined Stop Scams and outlined new measures to try and clamp down on financial fraud in the United Kingdom. On Friday, Vice President and MD of Google UK & Ireland, Ronan Harris, said that Google is the first major tech giant to partner with Stop Scams UK, an industry-led group that aims to tackle ...
- Ransomware Task Force: Ransomware is now a National Security risk
April 30, 2021
Ransomware is a growing international problem and it needs global cooperation in order to prevent attacks and take the fight to the cyber criminals behind the disruptive malware campaigns. A paper by the Institute for Security and Technology’s (IST) Ransomware Task Force (RTF) – a coalition of cybersecurity companies, government agencies, law enforcement organisations, technology firms, ...
- Multi-Gov Task Force Plans to Take Down the Ransomware Economy
April 29, 2021
Ransomware has reached crisis levels across business sectors and across the globe, but a public-private Ransomware Task Force aims to stem the tide of attacks by disrupting the crooks’ business model. The Institute for Security and Technology (IST) put together the coalition, which includes more than 60 members from software companies, government agencies, cybersecurity vendors, financial ...
- DC Police confirms cyberattack after ransomware gang leaks data
April 26, 2021
The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data. The Metropolitan Police Department, also known as the DC Police or MPD, is the primary law enforcement agency for Washington, DC, the US capital. In a statement to BleepingComputer, the DC Police stated that they are ...
- A specially crafted update is deleting Emotet botnet malware from infected PCs
April 26, 2021
A specially crafted update created by law enforcement has triggered the process of removing the Emotet botnet malware from 1.6 million infected computers around the world. Emotet was thought to be the world’s largest botnet, known for spewing millions of malware-laden spam emails each day. Law enforcement in the US, Canada and Europe conducted a coordinated ...
- New US Justice Department team aims to disrupt ransomware operations
April 22, 2021
The US Department of Justice (DoJ) is forming a new task force to deal with the “root causes” of ransomware. In an internal memo, the DoJ outlines the creation of a new initiative that will bring together current efforts in federal government to “pursue and disrupt” ransomware operations. As noted by CNN, this could include the takedown ...