‘Avalanche’ Cybercrime Network Taken Down By US and European Law Enforcement

This past Wednesday, law enforcement agencies in the US and Europe launched a concerted campaign against a sophisticated cyber-criminal organization known as Avalanche, in what is being hailed as the largest operation ever undertaken against cybercrime. The FBI, in conjunction with Europol, arrested five, seized more than 50 servers, and shut down 800,000 domains, effectively dismantling Avalanche.

“This is probably the biggest operation that law enforcement has ever done against cyber crime,” said Catalin Cosoi, chief security strategist with BitDefender, one of the companies that supported the operation.

In a joint statement released by the Department of Justice, law enforcement officials revealed that the operation was conducted with the cooperation of prosecutors and investigators from more than 40 countries.

Avalanche was essentially a cybercrime company, launched in 2009, that leased or sold malicious cloud-hosted software to other criminals. The software was used to infect systems with ransomware and create botnets to launch DDoS attacks and send spam. Europol notes that Avalanche’s extensive network involved hundreds of thousands of infected computers throughout the world. This network was used to support phishing campaigns, in which emails with infected links or attachments were sent to people. The DOJ estimates that the monetary losses caused by Avalanche’s malware attacks are “in the hundreds of millions of dollars worldwide”.

While the operation has been characterized as a resounding success, it should be noted that it did not clean malware off of victims’ computers. Instead, it prevented Avalanche operatives from accessing affected computers. The next step is for victims to scan their systems and clear any malware that they find from their computers. To that end, the US Computer Emergency Readiness Team has posted links to scanners for concerned companies and individuals to use.