Symantec Plays Key Role in Avalanche Botnet Criminals Wipeout

8 years ago

The Avalanche malware-hosting network has been dealt a severe blow following the takedown of infrastructure used by at least 17 malware families. The takedown operation, which was a combined effort by multiple international law enforcement agencies, public prosecutors, and security and IT organizations including Symantec, resulted in the seizure of 39 servers and several hundred thousand domains that were being used by the criminal organization behind the Avalanche network.

Earlier this week, leading members of a criminal organization responsible for the Avalanche botnet were arrested following a four-year international investigation supported by Symantec. In addition to the arrests, German law enforcement seized 37 servers and several hundred thousand domains used by the network.

Symantec’s early investigations into police ransomware served as a catalyst for German law enforcement’s investigations into the Avalanche group. Since 2012, Symantec has been providing technical assistance to German authorities and has shared information on the botnet infrastructure, associated malware families, and infection data.

The investigation culminated yesterday, November 30, and resulted in the takedown of infrastructure providing support for at least 17 different malware families, as well as the arrests of multiple individuals suspected of participating in the activity.