French Cyber-Police, Avast & FBI Neutralise Global Botnet

In a very sophisticated piece of cyber intelligence, tracking, hacking and neutralisation the French Cyber Police, along with the FBI and Avast have taken down an enormous and very controlling crypto-mining Botnet. 

French cybe police in the C3N cybercrime unit, along with the FBI and security firm Avast have neutralised a hacking operation that had taken control of more than 850,000 computers, mainly in Latin America, while also managing to remove the malware from the infected devices. 

The agents went into action last spring after the Czech antivirus firm Avast alerted them to the software worm, called Retadup, that was being controlled by a server in the Paris region. Retadup infected hundreds of thousands of Windows-operating computers, in over 100 countries but mostly in Central and South America. 

The virus attack route was an email that offered either easy money or erotic pictures. 

The C3N cyber-crime unit at the French gendarmerie, which carried out the counter-attack with help from the US Federal Bureau of Investigation, called it a "world first" in a statement recently.

"It's a huge operation" given the number of computers infected, said Gerome Billois, a cybersecurity expert at the French IT services firm Wavestone.Police first made a copy of the server orchestrating the attack, which allowed them to then hack into it and surreptitiously take control. They then ordered all the infected computers to uninstall the Retadup malware, which police said was allowing the pirates to create the Monero cryptocurrency.

Retadup is also suspected of being used in several ransomware attacks and data thefts, the gendarmerie said.

"Don't click on links if you're not sure who sent you the email," Colonel Jean-Dominique Nollet, head of the C3N unit, told France Inter radio on Tuesday.

"Don't click on attachments either, and use up-to-date antivirus programmes, even free ones," Nollet said. "And try not to do anything stupid on the internet."

According to Avast, nearly 85 percent of the infected computers did not have antivirus programmes, while others had them but they had been deactivated.

France24:         Silicon:         CybersecurityReview:

You Might Also Read:

Botnets Are Here To Stay:

« Cybersecurity Training And Jobs
Why Cyber Training Is So Important For Business »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

ON-DEMAND WEBINAR: Gen AI for Security: Adoption strategies with Amazon Bedrock

Watch this webinar and get a comprehensive roadmap for securely adopting generative AI using Amazon Bedrock, a fully managed service that offers a choice of high-performing foundation models (FMs).

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

rPeople Staffing

rPeople Staffing

rPeople provides direct placement in all areas of your organization, including and specializing in Technical and Executive hiring.

Pervade Software

Pervade Software

Pervade Software is a global provider of dedicated compliance tracking software with monitoring & reporting capabilities.

SafeCharge

SafeCharge

SafeCharge is a global provider of technology-based multi-channel payments services and risk management solutions for demanding businesses.

Consult Hyperion

Consult Hyperion

Consult Hyperion is an independent strategic and technical consultancy specialising in digital identity and secure electronic transactions.

Telecommunications Industry Association (TIA)

Telecommunications Industry Association (TIA)

TIA works to secure trust in networks by advocating public policy positions on the security of ICT equipment and services related to critical infrastructure, supply chain and information sharing.

Coalition

Coalition

Coalition combines comprehensive insurance and proprietary security tools to help businesses manage and mitigate cyber risk.

SaltStack

SaltStack

SaltStack develops award-winning intelligent IT automation software. We help businesses more efficiently secure and manage all aspects of their digital infrastructure.

WisePlant

WisePlant

WisePlant's portfolio of solutions and services includes process measurement, secure automation, industrial cybersecurity, functional safety and more.

Ascend Technologies

Ascend Technologies

Ascend Technologies offers a full suite of managed IT services including: Cloud & Infrastructure Management, Cybersecurity Management, Service Desk Management, Application Management , Data Management

e360

e360

e360 (formerly Entisys360) is an award-winning IT consultancy specializing in advanced IT infrastructure, virtualization, security, automation and cloud first solutions.

Grayshift

Grayshift

Grayshift is the leading provider of mobile device digital forensics, specializing in lawful access and extraction.

Teleport

Teleport

Teleport is a remote-first technology company. We enable engineers to quickly access any computing resource anywhere on the planet.

Picnic

Picnic

Picnic is a gritty, pioneering team of intelligence and cybersecurity specialists focused on solving the security challenge of our time - social engineering.

Trustifi

Trustifi

Trustifi leads the market with the easiest to use and deploy email security products, providing both inbound and outbound email security from a single vendor.

Park Place Technologies

Park Place Technologies

Park Place Technologies' mission is to drive uptime, performance and value for critical IT infrastructure.

DataSolutions

DataSolutions

DataSolutions is a leading value-added distributor of transformational IT solutions in the UK and Ireland.