French Cyber-Police, Avast & FBI Neutralise Global Botnet

Uploaded on 2019-09-06 in GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

In a very sophisticated piece of cyber intelligence, tracking, hacking and neutralisation the French Cyber Police, along with the FBI and Avast have taken down an enormous and very controlling crypto-mining Botnet. 

French cybe police in the C3N cybercrime unit, along with the FBI and security firm Avast have neutralised a hacking operation that had taken control of more than 850,000 computers, mainly in Latin America, while also managing to remove the malware from the infected devices. 

The agents went into action last spring after the Czech antivirus firm Avast alerted them to the software worm, called Retadup, that was being controlled by a server in the Paris region. Retadup infected hundreds of thousands of Windows-operating computers, in over 100 countries but mostly in Central and South America. 

The virus attack route was an email that offered either easy money or erotic pictures. 

The C3N cyber-crime unit at the French gendarmerie, which carried out the counter-attack with help from the US Federal Bureau of Investigation, called it a "world first" in a statement recently.

"It's a huge operation" given the number of computers infected, said Gerome Billois, a cybersecurity expert at the French IT services firm Wavestone.Police first made a copy of the server orchestrating the attack, which allowed them to then hack into it and surreptitiously take control. They then ordered all the infected computers to uninstall the Retadup malware, which police said was allowing the pirates to create the Monero cryptocurrency.

Retadup is also suspected of being used in several ransomware attacks and data thefts, the gendarmerie said.

"Don't click on links if you're not sure who sent you the email," Colonel Jean-Dominique Nollet, head of the C3N unit, told France Inter radio on Tuesday.

"Don't click on attachments either, and use up-to-date antivirus programmes, even free ones," Nollet said. "And try not to do anything stupid on the internet."

According to Avast, nearly 85 percent of the infected computers did not have antivirus programmes, while others had them but they had been deactivated.

France24:         Silicon:         CybersecurityReview:

You Might Also Read:

Botnets Are Here To Stay:

« Cybersecurity Training And Jobs
Why Cyber Training Is So Important For Business »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

HDI

HDI

HDI is the worldwide professional association and certification body for the technical service and support industry.

MENTIS Software

MENTIS Software

MENTIS provides a comprehensive enterprise data security and breach prevention platform to protect sensitive information assets.

Onapsis

Onapsis

Onapsis is a pioneer in cybersecurity and compliance solutions for cloud and on-premise ERP and business-critical applications.

National Cyber Security Centre (NCSC) - Netherlands

National Cyber Security Centre (NCSC) - Netherlands

NCSC Netherlands coordinates enhancing the cyber resilience of the Netherlands in the digital domain.

Immersive Labs

Immersive Labs

Immersive Labs have created a kinesthetic learning platform which identifies gaps in your teams cyber skills.

H-11 Digital Forensics

H-11 Digital Forensics

H-11 Digital Forensics is a global leader of digital forensic technology.

Center for Cyber & Homeland Security (CCHS)

Center for Cyber & Homeland Security (CCHS)

The Center for Cyber and Homeland Security at Auburn University is a nonpartisan think tank that works to develop innovative strategies to address current and future threats to the United States.

BLOCKO

BLOCKO

BLOCKO is a blockchain specialized technology company that has experienced and achieved the largest amount of business in South Korea.

Templar Shield

Templar Shield

Templar Shield is a premier information security, risk and compliance technology professional services firm serving North America.

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

Agile Underwriting

Agile Underwriting

Agile, an underwriting agency, insurtech and Coverholder at Lloyd's, provides niche insurance products across Aviation, Marine & Cargo, Cyber and Financial Lines.

Soteria

Soteria

Soteria is a global leader in the development, integration and implementation of advanced cyber security, intelligence and IT solutions, delivering complete end-to-end solutions.

Ciphertex Data Security

Ciphertex Data Security

Ciphertex is a leading data security company that specializes in portable data encryption and privacy protection storage systems.

Guernsey

Guernsey

Guernsey provides a wide range of engineering, architecture and consulting services to multiple markets, including cybersecurity consulting and CMMC certification.

Pistachio

Pistachio

Pistachio is the new evolution of cybersecurity awareness training and attack simulations.

Thunder Shield Security

Thunder Shield Security

Thunder Shield is a professional cyber security service provider of penetration test, source code review and security assessment services.