FBI boss says China ‘burned down’ 260,000-device botnet when confronted by Feds

September 18, 2024 at 05:11PM FBI Director Wray highlights bureau’s assistance to ransomware victims. China-backed spies reportedly dismantle 260,000-device botnet after FBI’s pursuit with international allies. According to the meeting notes, Wray described the bureau’s efforts to assist certain victims in dealing with ransomware criminals. Additionally, there was mention of China-backed spies …

Police arrest Conti and LockBit ransomware crypter specialist

June 12, 2024 at 09:47AM A 28-year-old Russian man in Kyiv was arrested for collaborating with Conti and LockBit ransomware operations, making their malware undetectable and conducting an attack himself. The arrest was part of ‘Operation Endgame’, which dismantled botnets and main operators. The man specialized in developing custom crypters to evade antivirus detection …

Europol’s Hunt Begins for Emotet Malware Mastermind

June 3, 2024 at 04:17PM Operation Endgame targets individual threat actors behind dismantled botnets, adding eight Russian nationals to Europe’s most wanted list. They seek the identity of “Odd,” the developer behind Emotet malware, and call for public help. Led by Europol, the initiative aims to warn cybercriminals and encourages cooperation for a crackdown on …

Euro cops disrupt malware droppers, seize thousands of domains

May 30, 2024 at 02:04PM An international law enforcement operation led by Europol, Operation Endgame, resulted in multiple arrests, searches, server seizures, and takedowns of malware droppers including IcedID, Bumblebee, and Trickbot. Europol coordinated with law enforcement partners from the US and UK, leading to 4 arrests, 16 search locations, and the seizure of more …

FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies

February 15, 2024 at 02:45PM The US government has neutralized a Russian cyber espionage platform by disrupting a botnet of hundreds of Ubiquiti EdgeOS routers controlled by the APT28 group. The routers were initially infected with ‘Moobot’ malware by cybercriminals and subsequently hijacked by the Russian group. The operation involved deleting stolen data and …

US Gov Disrupts SOHO Router Botnet Used by Chinese APT Volt Typhoon

February 1, 2024 at 04:06AM The US government conducted a major takedown of a botnet using end-of-life Cisco and Netgear routers that were exploited by Chinese state-backed hackers. The botnet, linked to the Chinese APT Volt Typhoon, targeted various sectors, and the FBI remotely seized control of infected routers. The operation aimed to delete malware …

Russian national pleads guilty to building now-dismantled IPStorm proxy botnet

November 14, 2023 at 06:31PM Russian and Moldovan national Sergei Makinin has been arrested in Florida for operating a botnet called IPStorm. Makinin admitted to violating US law by intentionally causing damage to protected systems. The botnet used the InterPlanetary File System (IPFS) to hide its activities and allow infected machines to be used as …

Mozi botnet murder mystery: China or criminal operators behind the kill switch?

November 1, 2023 at 04:04PM The Mozi botnet, which accounted for 90% of all malicious IoT network traffic, has disappeared after a kill switch was discovered. The “Who killed Mozi?” question remains unanswered. ESET Research found the kill switch, which deactivated the malware and disabled certain functions. The investigation suggests that either the original Mozi …

Mozi Botnet Likely Killed by Its Creators

November 1, 2023 at 12:54PM Recent research from cybersecurity firm ESET suggests that the shutdown of the Mozi botnet was likely deliberate and initiated by its operators, possibly under pressure from Chinese authorities. Mozi was a highly active botnet responsible for a significant portion of IoT botnet traffic. ESET discovered a kill switch that disabled …