A BOTNET-BUSTING joint task force has taken down the two million device-strong malware-spreading Andromeda network.
Cybersecurity agents from a combination of the Europol’s European Cybercrime Centre, the FBI, EuroJust and the Joint Cybercrime Action Task force, alongside help from a clutch of companies like Microsoft, moved to scupper what is thought to be the biggest botnet ever.
Using a technique called ‘sinkholing’, whereby domains carrying malware distributed by Andromeda were redirected to servers used to investigate the botnet, some 1,500 command and control domains were destabilised and traffic from two million infected devices worldwide were prevented from making contact with the control domains.
All this effort cut off the cyber criminals’ access to the infected devices that formed the botnet and resulted in knocking Andromeda offline.
The taskforce discovered Andromeda had a massive reach having spread across 223 countries including the UK, Belgium, Italy, Singapore and Australia.
The investigation led to the arrest of a person in Belarus and the effective end of the Andromeda botnet.
Andromeda is thought to have spawned out of the now out-of-operation Avalanche trojan speading malware network, and was used to distribute 80 different kinds of malware at a global scale.
Steven Wilson, the head of Europol’s European Cybercrime Centre, noted the Andromeda takedown is a good example of how law enforcement organisations and the private sector can work together to combat the ever growing presence of cyber threats.
“This is another example of international law enforcement working together with industry partners to tackle the most significant cyber criminals and the dedicated infrastructure they use to distribute malware on a global scale. The clear message is that public-private partnerships can impact these criminals and make the internet safer for all of us,” he said.
That’s all very well but if Brexit does indeed go ahead, such partnerships between the UK and European law enforcement could be stymied, despite Britain being keen to share intelligence after it leaves the EU. µ
Source : Inquirer