Europol Shuts Down 100+ Servers Facilitating Dropper Malware like IcedID & SystemBC

Europol, the European Union agency for law enforcement, has been actively fighting cybercrimes affecting small and high-value targets.

According to an official blog post, Europol has pulled the plug on 100+ servers that facilitated the operation of dropper malware.

These raids and the consequent arrests were carried out between 27 and 29 May 2024.

This latest move from Operation Endgame has reportedly affected the spread of dropper malware such as IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot.

Operation Endgame shuts down more than 100 servers deploying dropper malware
Source: Europol

The servers for managing these dropper malware tools were located in Bulgaria, Canada, Germany, Lithuania, the Netherlands, Romania, Switzerland, the United Kingdom, the United States and Ukraine.

Over 2000 domain names are now under the control of law enforcement agencies.

Europol also states that it is monitoring the transactions of a lead suspect, who has supposedly earned more than 69 million euros by renting out server infrastructure for deploying malware.

In doing so, the agency has effectively shut down the criminal infrastructure and frozen the illegal movement of collected funds.

In addition, four threat actors, one in Armenia and three in Ukraine, have been arrested.

Dropper malware is used to infiltrate a system and install additional malware threats. These are used for deploying ransomware and spyware attacks.

In particular, SystemBC and Bumblebee were used to enable ransomware and phishing attacks across the globe.

Threats like IcedID and Pikabot are trojans designed to infiltrate high-value systems and enable remote control and data theft.

Since these malware threats can evade endpoint security tools, eliminating them at the root, by taking down the infrastructure behind them, was the only practical option.

Therefore, this recent action against dropper malware has left a noticeable impact on global cybersecurity.

Operation Endgame is expected to continue its actions against cyber threats.

This movement brings together resources from public law enforcement entities and private partners.

The FBI and the National Crime Agency of the UK are among these organizations.
