Law enforcement authorities from 30 countries have taken down Avalanche "crimeware-as-a-service" network, which is said to have spread over 8,00,000 domains.
The take-down was possible thanks to investigation spanning four years, during which it was discovered that the network made use of over 5,00,000 infected computers on a daily basis and further infected millions with malware that would gather banking and email details, said US-CERT, TechTarget reported. US-CERT is responsible for analysing and reducing cyber threat in the United States.
The Avalanche network is estimated to involve hundreds of thousands of infected computers worldwide. "The monetary losses associated with malware attacks conducted over the Avalanche network are estimated to be in the hundreds of millions of dollars worldwide, although exact calculations are difficult due to the high number of malware families present on the network," said a statement from US department of justice and the FBI.
The investigation was started in 2012 by a German public prosecutor's office in Verden. Government agencies of several countries, including the US Attorney Office, Department of Justice and the FBI, participated in the investigation. European agencies like Europol, Eurojust and others also aided the probe.
The crimeware infrastructure was also used by criminals to operate "money mule" schemes, where people would be recruited to help launder stolen money or merchandise. This would make it difficult to trace the identity of criminals.
It was also revealed that this network used fast flux [Domain Name System (DNS)], a technique where criminal servers are hidden behind a "constantly changing network of compromised systems acting as proxies," according to US-CERT.
According to the Europol statement, the investigators were successful as they worked closely with each other. Cybersecurity and law enforcement authorities need to join hands with private sector to tackle the evolving methods of the criminals, according to Julian King, European Commissioner for the Security Union.
The investigation was hailed as a new model for authorities to fight global cybercrime. Several experts reiterated the need to come together and fight this global menace. Moreover, they stressed, that since cybersecurity has an ever-changing nature, fighting it is a constant effort.
