US, European Police Operation Takes Down International Botnet

A joint operation between the FBI and European police agencies succeeded in shutting down a major cybercrime tool on Wednesday. The bust dismantled a network of more than 12,000 computers infected with a botnet that had targeted networks primarily in the U.S., Japan, India and Taiwan. No arrests have been made yet.

The network in question was known as the Beebone, or AAEH, botnet. Beebone was a polymorphic downloader bot capable of installing various forms of malware on victims' computers. Authorities said that despite the success of the operation, many computers across the world are likely still infected with the botnet.

Particularly Sophisticated Malware

A botnet is a network of computers that have been infected with malware and hijacked by a hacker. The infection is typically spread when a user opens an infected e-mail attachment, visits an infected Web site, or connects an infected USB device. A network can consist of anywhere between hundreds and millions of devices. The infected machines then connect to a command-and-control server and await instructions. From there, a hacker can take control of the zombie device, adding it to the botnet.

The operation was led by the Dutch National High Tech Crime Unit. Europol, the law enforcement agency for the European Union, also participated through the office of its European Cybercrime Centre, along with the Joint Cybercrime Action Taskforce (J-CAT), the FBI, and the International Cyber Crime Coordination Cell.

To take down the network, J-CAT and Europol worked with Intel Security, Kaspersky and Shadowserver to "sinkhole" the botnet. Sinkholing consists of registering, suspending or seizing all domain names with which the malware could communicate. The authorities then redirected traffic from the botnet.

Europol said that it would be distributing data from the operation to ISPs and computer emergency response teams around the world to inform victims of...
