May 30, 2024 at 08:31AM
‘Operation Endgame’ seized over 100 servers worldwide, arresting four individuals and identifying eight fugitives. The seized infrastructure hosted over 2,000 illicit domains in Europe and North America, under the authorities’ control. The operation involved police forces from several countries and was supported by intelligence from various cybersecurity experts. One suspect made over 69 million Euros from renting out criminal infrastructure for ransomware deployment.
Key takeaways from the meeting notes:
– An international law enforcement operation named ‘Operation Endgame’ conducted between May 27 and 29, 2024, seized over 100 servers globally used by various major malware loader operations.
– The operation led to the arrest of four individuals, with one in Armenia and three in Ukraine, and identified eight fugitives linked to the malware operations.
– The authorities seized infrastructure across Europe and North America, which hosted over 2,000 domains facilitating illicit services.
– The operation involved police forces from Germany, the United States, the United Kingdom, France, Denmark, and the Netherlands, with support from various cybersecurity experts.
– Malware droppers are being used to establish initial access to devices, with evasive tactics such as heavy code obfuscation and legitimate process impersonation.
One suspect involved in the targeted malware operations was found to have earned at least EUR 69 million in cryptocurrency through ransomware deployment, with ongoing monitoring and legal permission to seize the assets.
More detailed information about the suspects and the law enforcement operation is expected to be published on a dedicated portal later today.