Police bring down global cybercrime network

Viruses being listed on screen in a high-security laboratory for cyber-security research at the Inria Rennes centre in France. The latest raids came after four years of investigations by specialists in 41 nations. PHOTO: AGENCE FRANCE-PRESSE

Suspected kingpins held as parallel strikes in 10 countries topple Avalanche fraud ring

BERLIN • One of the world's largest networks of hijacked computers, which is suspected of having been used to attack online banking customers, has been taken down following police swoops in 10 countries, according to German police.

In an internationally coordinated campaign, the authorities carried out raids on Wednesday, seized servers and website domains, and arrested suspected leaders of a criminal organisation, said the police and prosecutors in northern Germany.

Officials said they had seized 39 servers and several hundred thousand domains, depriving criminals of control of more than 50,000 computers in Germany alone. These hijacked computers were used to form a "botnet" to knock out other websites.

Two people believed to have been the administrators of the botnet infrastructure known as Avalanche were arrested in Ukraine, said investigators. Another person was arrested in Berlin, officials added.

The strike came in the same week that hackers tried to create the world's biggest botnet, or an army of zombie computers, by infecting the routers of 900,000 Deutsche Telekom customers with malicious software.

The attack failed but froze the routers, causing outages in homes, businesses and government offices across Germany on Sunday and Monday, said Deutsche Telekom executives.

The police said criminals had used the Avalanche botnet since 2009 to send phishing and spam e-mails. More than a million e-mails were sent per week with malicious attachments or links. When users opened the attachment or clicked on the link, their infected computers became part of the botnet.

Investigators said the suspects had operated the commandeered network and made it available to other criminal groups, who had used it to send spam and phishing mails and defraud online banking users. It also helped spread ransomware, a form of malware used in online extortion schemes.

Officials estimated that damages had exceeded several hundred million euros worldwide.

The authorities have identified 16 suspected leaders of the organisation from 10 countries.

A court in Verden, northern Germany, has issued arrest warrants for seven people on suspicion of forming a criminal organisation, commercial computer fraud and other criminal offences.

The raids came after more than four years of intensive investigation by specialists in 41 countries.

Ms Michele Coninsx, who is president of Eurojust, the European Union's judicial cooperation unit, said the operation "marked a significant moment in the fight against organised cybercrime".

"Avalanche, one of the world's largest and most malicious botnet infrastructures, has been decisively neutralised in one of the biggest takedowns to date," she said.

REUTERS, AGENCE FRANCE-PRESSE

A version of this article appeared in the print edition of The Straits Times on December 03, 2016, with the headline 'Police bring down global cybercrime network'.