Security News > 2024 > May > Police seize over 100 malware loader servers, arrest four cybercriminals
An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. The action, which occurred between May 27 and 29, 2024, involved 16 location searches across Europe and led to the arrest of four individuals, one in Armenia and three in Ukraine.
The police have identified eight fugitives linked to the malware operations, who will be added to Europol's 'Most Wanted' list later today.
Operation Endgame involved police forces from Germany, the United States, the United Kingdom, France, Denmark, and the Netherlands.
The cybercriminals behind them typically send malicious emails to deliver the malware or hide payloads on trojanized installers promoted through malvertising or torrents.
Europol said that one of the main suspects involved in one of the targeted malware operations made over 69 million Euros by renting out their infrastructure for ransomware deployment.
Ebury botnet malware infected 400,000 Linux servers since 2009.
News URL
Related news
- Police seize over 100 malware loader servers, arrest four cybercriminals (source)
- Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers (source)
- Police shuts down 12 fraud call centres, arrests 21 suspects (source)
- Ebury botnet malware infected 400,000 Linux servers since 2009 (source)
- Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years (source)
- Android malware Grandoreiro returns after police disruption (source)
- Banking malware Grandoreiro returns after police disruption (source)
- Cybercriminals pose as "helpful" Stack Overflow users to push malware (source)
- Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware (source)
- Europol identifies 8 cybercriminals tied to malware loader botnets (source)