Legal raids in five countries seize botnet servers, sinkhole 800,000+ domains

Avalanche once hosted ransomware that spoofed messages from law enforcement. Now, a team of 40 law enforcement agencies has shut it down. (credit: Symantec)

A botnet that has served up phishing attacks and at least 17 different malware families to victims for much of this decade has been taken down in a coordinated effort by an international group of law enforcement agencies and security firms. Law enforcement officials seized command and control servers and took control of more than 800,000 Internet domains used by the botnet, dubbed "Avalanche," which has been in operation in some form since at least late 2009.

"The operation involves arrests and searches in five countries," representatives of the FBI and US Department of Justice said in a joint statement issued today. "More than 50 Avalanche servers worldwide were taken offline."

The seized domains have been "sinkholed" to terminate the operation of the botnet, which is estimated to have spanned hundreds of thousands of compromised computers around the world. The Justice Department's Office for the Western Federal District of Pennsylvania and the FBI's Pittsburgh office led the US portion of the takedown. "The monetary losses associated with malware attacks conducted over the Avalanche network are estimated to be in the hundreds of millions of dollars worldwide, although exact calculations are difficult due to the high number of malware families present on the network," the FBI and DOJ said in their joint statement.
