ESET unites with Microsoft and law enforcement agencies to disrupt Gamarue botnets

The worldwide partners took action against servers and domains used to spread the Andromeda malware.

Organizations participating in the Andromeda investigation included the Europol European Cybercrime Center, the FBI, the Luneburg Central Criminal Investigation Inspectorate in Germany, the Joint Cybercrime Action Task Force, Eurojust and private-sector partners.

Additionally, during the operation, law enforcement arrested a man in Belarus who might be the leader of the Andromeda cybercrime gang.

In a separate statement, Europol, quoting Microsoft, said that Andromeda's "main goal was to distribute other malware families" and that the malware and associated botnet "was associated with 80 malware families and, in the last six months...was detected on or blocked an average of over 1 million machines every month". Linked with 80 malware families, Andromeda has been detected or blocked on almost 1.1 million machines every month on average over the past six months.

A crime kit sold on the dark web, Gamarue offers high levels of customisation, allowing the user to build and deploy custom plugins. Notable examples of malicious activity distributed using the self-service kit include a plugin that steals content entered into web forms and another that allows attackers to control compromised systems. He is also the developer of the Win32/Gamarue HTTP bot, the Windows SMTP Bruter v.1.2.3 and the "Swf-Inj Service" that hijacks web traffic using malware.

Microsoft approached ESET and together they tracked Gamarue's botnets for a year and a half. It took Microsoft and ESET 18 months to identify the command and control communications behind Gamarue and then provide that information to the authorities. However, they did not name the suspect.

"This is another example of worldwide law enforcement working together with industry partners to tackle the most significant cybercriminals and the dedicated infrastructure they use to distribute malware on a global scale".

"This particular threat has been around for several years now and it is constantly reinventing itself - which can make it hard to monitor".

One of the malware families cited was the Avalanche Network, a botnet network that at one stage was responsible for two-thirds of all phishing attacks globally and that was brought down in December 2016 following a four-year investigation by global law enforcement agencies. From there ESET and Microsoft were able not only to track the botnet but also to locate the aforementioned servers.

More than 1,500 malicious domains used to control the botnet were subject to sinkholing and all traffic from infected computers was rerouted to less risky sites. "The clear message is that public-private partnerships can impact these criminals and make the internet safer for all of us," said Steven Wilson, the Head of Europol's European Cybercrime Centre.

The operation to eliminate the Andromeda botnet also resulted in the sinkholing of 1500 domains of the malicious software, as well as the capture of approximately 2 million unique Andromeda victim IP addresses from 223 countries.
