Share the post "Massive international police operation takes down ransomware networks, arrests 4.."
Police coordinated by the European Union’s justice and police agencies have taken down computer networks responsible for spreading ransomware via infected emails, in what they called the biggest-ever international operation against the lucrative form of cybercrime…
The European Union’s judicial cooperation agency, Eurojust, said Thursday that police arrested four “high value” suspects, took down more than 100 servers and seized control of over 2,000 internet domains.
The huge takedown this week, codenamed Endgame, involved coordinated action in Germany, the Netherlands, France, Denmark, Ukraine, the United States and United Kingdom, Eurojust said. Also, three suspects were arrested in Ukraine and one in Armenia. Searches were carried out in Ukraine, Portugal, the Netherlands and Armenia, EU police agency Europol added.
It is the latest international operation aimed at disrupting malware and ransomware operations. It followed a massive takedown in 2021 of a botnet called Emotet, Eurojust said. A botnet is a network of hijacked computers typically used for malicious activity, Europol pledged it would not be the last takedown, “Operation Endgame does not end today. New actions will be announced on the website Operation Endgame,” Europol said in a statement.
Dutch police said that the financial damage inflicted by the network on governments, companies and individual users is estimated to run to hundreds of millions of euros (dollars). “Millions of people are also victims because their systems were infected, making them part of these botnets,” the Dutch statement said, Eurojust said that one of the main suspects earned cryptocurrency worth at least 69 million euros ($74 million) by renting out criminal infrastructure for spreading ransomware.
The operation targeted malware “droppers” called IcedID, Pikabot, Smokeloader, Bumblebee and Trickbot. A dropper is malicious software usually spread in emails containing infected links or attachments such as shipping invoices or order forms, “This approach had a global impact on the dropper ecosystem,” Europol said. “The malware, whose infrastructure was taken down during the action days, facilitated attacks with ransomware and other malicious software.”