French Cyber-Police, Avast & FBI Neutralise Global Botnet
In a very sophisticated piece of cyber intelligence, tracking, hacking and neutralisation the French Cyber Police, along with the FBI and Avast have taken down an enormous and very controlling crypto-mining Botnet.
French cybe police in the C3N cybercrime unit, along with the FBI and security firm Avast have neutralised a hacking operation that had taken control of more than 850,000 computers, mainly in Latin America, while also managing to remove the malware from the infected devices.
The agents went into action last spring after the Czech antivirus firm Avast alerted them to the software worm, called Retadup, that was being controlled by a server in the Paris region. Retadup infected hundreds of thousands of Windows-operating computers, in over 100 countries but mostly in Central and South America.
The virus attack route was an email that offered either easy money or erotic pictures.
The C3N cyber-crime unit at the French gendarmerie, which carried out the counter-attack with help from the US Federal Bureau of Investigation, called it a "world first" in a statement recently.
"It's a huge operation" given the number of computers infected, said Gerome Billois, a cybersecurity expert at the French IT services firm Wavestone.Police first made a copy of the server orchestrating the attack, which allowed them to then hack into it and surreptitiously take control. They then ordered all the infected computers to uninstall the Retadup malware, which police said was allowing the pirates to create the Monero cryptocurrency.
Retadup is also suspected of being used in several ransomware attacks and data thefts, the gendarmerie said.
"Don't click on links if you're not sure who sent you the email," Colonel Jean-Dominique Nollet, head of the C3N unit, told France Inter radio on Tuesday.
"Don't click on attachments either, and use up-to-date antivirus programmes, even free ones," Nollet said. "And try not to do anything stupid on the internet."
According to Avast, nearly 85 percent of the infected computers did not have antivirus programmes, while others had them but they had been deactivated.
France24: Silicon: CybersecurityReview:
You Might Also Read: