Feds Shut Down ‘Longest-Running’ Andromeda Botnet


In a coordinated international cyber operation, Europol, with the help of international law enforcement agencies, has taken down what it called “one of the longest-running malware families in existence,” known as Andromeda.

Andromeda, also known as Win32/Gamarue, is an infamous HTTP-based modular botnet that has been around for several years now and has been infecting computers with its malicious payloads ever since.

The primary goal of the Andromeda bot is to distribute various other malware families for mass, global malware attacks.

The botnet has been associated with at least 80 malware families, and within the last six months it was detected (or blocked) on an average of more than 1 million machines per month.

Last year, law enforcement agencies took down the criminal infrastructure of the infamous Avalanche botnet in a similar massive international cyber operation. The Avalanche botnet was used as a delivery platform to spread various other malware families, including Andromeda.

While investigating the Avalanche botnet, information obtained by the German authorities was shared with the Federal Bureau of Investigation (FBI) via Europol, which eventually helped the international agencies tear down Andromeda just last week.
In a joint operation, the international partners took down servers and more than 1,500 web domains which were being used to distribute and control the Andromeda malware.

“This is another example of international law enforcement working together with industry partners to tackle the most significant cybercriminals and the dedicated infrastructure they use to distribute malware on a global scale,” Steven Wilson, the Head of Europol’s European Cybercrime Centre (EC3), said.

“The clear message is that public-private partnerships can impact these criminals and make the internet safer for all of us.”

By sinkholing the now-seized domains, a tactic researchers use to redirect traffic from infected machines to a system under their own control, authorities found over 2 million unique IP addresses from at least 223 countries associated with Andromeda victims within just 48 hours.

Further investigation also helped law enforcement authorities arrest a suspect in Belarus who was allegedly involved with the Andromeda cybercrime gang.

Just last week, Europol seized more than 20,000 web domains for illegally selling counterfeit products, including luxury products, sportswear, electronics and pharmaceuticals, and for online piracy on e-commerce platforms and social networks, in its fight against the online trade of counterfeit goods.
