World’s largest botnet network taken down

  • On November 29, the Andromeda network of botnets that spread Gamarue malware was taken down by the FBI, Europol, Eurojust, and Germany’s Luneburg Central Criminal Investigation Inspectorate, along with Microsoft and ESET.
  • Andromeda was one of the largest malware operations in the world. It has been around since 2011, spanning over 460 botnets and infecting more than 1.1 million computers a month with 88 different malware families.
  • Gamarue (aka Wauchos) is sold on the dark web as the Andromeda bot, a Trojan downloader crimeware kit that’s at least six years old.
  • Among the malware Andromeda/Gamarue spread were the Petya and Cerber ransomware, the Neutrino bot for DDoS attacks, Lethic spam bot malware, and information-stealers Ursnif, Carberp, and Fareit.
  • Some 2 million victim IP addresses from 223 countries were intercepted by the takedown operation’s sinkholes in a 48-hour period.
  • The operation has led to the arrest of an individual in Belarus. Authorities have yet to provide details on the suspect.
  • Interestingly, if the malware detects keyboard-language settings for Belarus, Russia, Ukraine, or Kazakhstan, it won’t continue to compromise the machine.
  • “As this was sold as a kit in underground forums, there is always a possibility that someone will start a new botnet using the same malware. However, through this operation, all known Andromeda botnets have been disrupted,” says Jean-Ian Boutin, senior malware researcher with ESET.
