Last May, Europol orchestrated "the largest-ever operation" against malware. As part of a large-scale operation dubbed Endgame, police forces from several countries seized the servers behind several pieces of malware that were being widely exploited by cybercriminals. More than 100 servers fell under the control of investigators.
Among the main malware disrupted by Europol was Smokeloader, a loader. Active for over 10 years, Smokeloader is known for its stealth. Without alerting an antivirus, it can download and install other malware on the targeted computer. Smokeloader has been implicated in ransomware attacks, webcam hacking, and large-scale data theft. It was a key element in the hackers' arsenal.
Europol uncovers Smokeloader's customers
By searching Smokeloader's infrastructure servers, Europol investigators discovered clues that could be traced back to some of the hackers who exploited the malware. In a press release, Europol said it had carried out "arrests, searches, and arrest warrants" against several of the botnet's clients. A database, which came into the hands of European police last year, listed the names of all subscribers to Smokeloader's services.
Law enforcement officials say they discovered that Smokeloader was run by a cybercriminal who calls himself Superstar. The hacker earned money by making the botnet available to other cybercriminals.
Hackers' data "was not protected"
Police forces continue to work "against criminals who used the services removed during Operation Endgame", Europol notes. The malware's customers are now learning the painful lesson that their personal data was not protected by the very people who were unwittingly painting targets on their backs. Some of the arrested hackers chose to cooperate with the police. They facilitated the examination of digital evidence stored on their personal devices. Some of the arrested individuals had taken to reselling services purchased from Smokeloader at a markup. Finally, Europol urges anyone with information about criminal activity related to Operation Endgame to contact its services. European police say efforts related to data recovered last year are continuing.
Source: Europol