On 29 November 2017, the Federal Bureau of Investigation (FBI), in close cooperation with the Luneburg Central Criminal Investigation Inspectorate in Germany, Europol’s European Cybercrime Centre (EC3), the Joint Cybercrime Action Task Force (J-CAT), Eurojust and private-sector partners, dismantled one of the longest-running malware families in existence, called Andromeda (also known as Gamarue).
This widely distributed malware created a network of infected computers called the Andromeda botnet. According to Microsoft, Andromeda’s main goal was to distribute other malware families. Andromeda was associated with 80 malware families and, in the last six months, it was detected or blocked on an average of over 1 million machines every month. Andromeda was also used in the infamous Please login or register to see this link. in 2016.
Steven Wilson, the Head of Europol’s European Cybercrime Centre: “This is another example of international law enforcement working together with industry partners to tackle the most significant cyber criminals and the dedicated infrastructure they use to distribute malware on a global scale. The clear message is that public-private partnerships can impact these criminals and make the internet safer for all of us.”
One year ago, on 30 November 2016, after more than four years of investigation, the Public Prosecutor’s Office Verden and the Luneburg Police in Germany, the United States Attorney’s Office for the Western District of Pennsylvania, the Department of Justice, the FBI, Europol, Eurojust and global partners, had dismantled the international criminal infrastructure Avalanche. This was used as a delivery platform to launch and manage mass global malware attacks such as Andromeda, and money mule recruitment campaigns.
Insights gained during the Avalanche case by the investigating German law enforcement entities were shared, via Europol, with the FBI and supported this year’s investigations to dismantle the Andromeda malware last week.
Jointly, the international partners took action against servers and domains, which were used to spread the Andromeda malware. Overall, 1500 domains of the malicious software were subject to sinkholing. According to Microsoft, during 48 hours of sinkholing, approximately 2 million unique Andromeda victim IP addresses from 223 countries were captured. The involved law enforcement authorities also executed the search and arrest of a suspect in Belarus.
Simultaneously, the German sinkhole measures of the Avalanche case have been extended by another year. An extension of this measure was necessary, as globally 55 per cent of the computer systems originally infected in Avalanche are still infected today.
The measures to combat the malicious Andromeda software as well as the extension of the Avalanche measures involved the following EU Member States: Austria, Belgium, Finland, France, Italy, the Netherlands, Poland, Spain, the United Kingdom, and the following non-EU Member States: Australia, Belarus, Canada, Montenegro, Singapore and Taiwan.
The operation was supported by the following private and institutional partners: Shadowserver Foundation, Microsoft, Registrar of Last Resort, Internet Corporation for Assigned Names and Numbers (ICANN) and associated domain registries, Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE), and the German Federal Office for Information Security (BSI).
The operation was coordinated from the command post hosted at Europol’s HQ.
 Botnets are networks of computers infected with malware, which are under the control of a cybercriminal. Botnets allow criminals to harvest sensitive information from infected computers, such as online banking credentials and credit card information. A criminal can also use a botnet to perform cyberattacks on other computer systems, such as denial-of-service attacks.
 Sinkholing is an action whereby traffic between infected computers and a criminal infrastructure is redirected to servers controlled by law enforcement authorities and/or an IT security company. This may be done by assuming control of the domains used by the criminals or IP addresses. When employed at a 100% scale, infected computers can no longer reach the criminal command-and-control computer systems and criminals can therefore no longer control the infected computers. The sinkholing infrastructure captures victims’ IP addresses, which can subsequently be used for notification and follow-up through dissemination to National CERTs and network owners.
The US Federal Bureau of Investigation has offered a reward of one million dollars (890,000 euros) for the arrest of a Romanian hacker who is reported to be hiding in Romania; the suspect ranks second on the FBI's list of people wanted for such offences.
US federal authorities are promising rewards totalling 4.2 million dollars for the five most dangerous cybercriminals.
The most wanted hacker is Evgheni Mihailovici Bogacev, a Russian citizen for whom the FBI is reportedly offering three million dollars.
Second on the list of wanted hackers is a Romanian, Nicolae P., reports the blog of the daily The Washington Post. The Romanian is accused of having tricked customers on car sales websites, where he posted ads for cars that did not even exist. The Romanian and his accomplices are said to have obtained three million dollars in proceeds through this criminal method.
The FBI suspects that Nicolae P. is hiding in Romania, and is offering a reward of one million dollars for his capture.
Three other hackers wanted by the US authorities are Aleksei Belan, Peteris Sahurovs and Shaileshkumar Jain.
A New York City Police Department (NYPD) auxiliary deputy inspector was arrested Wednesday morning for allegedly hacking into a restricted NYPD computer and other sensitive law enforcement databases.
Yehuda Katz used the databases to collect information on individuals who had been involved in traffic accidents in the New York City area, according to an FBI press release. He then posed as an attorney, among other things, and solicited them for a 14 percent fee.
Katz allegedly used multiple electronic devices in the NYPD's 70th Precinct that were capable of streaming video and remotely accessing NYPD computers. He was then able to obtain login information from uniformed officers and view databases he did not have permission to access, including one belonging to the FBI. If convicted, Katz faces up to 10 years in prison.
Evgeny Bogachev, a hacker from Anapa who is wanted by the FBI for fraud and for extorting money through the Gameover Zeus botnet, is considered a hero by his neighbors and by residents of the resort town. The Telegraph reported this in a special report from the Krasnodar region.
In early June, working from FBI documents, the British newspaper's correspondents managed to establish the address where Bogachev was believed to be staying. As it turned out, US intelligence agencies believe his last location to be house number 120 on Lermontov Street.
After travelling to this address, the journalists talked with the locals and found that most of them regard the hacker as a model of a clever and talented man.
Neighbors describe Evgeny Bogachev as a quiet young man who loved to ride on a yacht. Some of the residents knew of Bogachev's work in the IT sector only from a sticker on his Volvo advertising "repair of computer equipment."
On seeing their neighbor in the photo from the FBI press release, many refused to consider him a criminal, claiming that Bogachev is in fact a hero and a "nice guy."
According to Michael, a 23-year-old local resident, he often saw Evgeny Bogachev in the hallway, on his way out to the street with his wife and 9-year-old daughter. He considers the hacker a talented young man and regards his hacking of other people's computers as moral, because he hacked only "enemy computers, not their, Russian users."
The same view is shared by Vazgen Atanasov, a local taxi driver interviewed by The Telegraph's journalists.
"Great guy. If we consider what the Americans are doing with other people, their actions, he just paid them what they deserved," said Vazgen Atanasov, a taxi driver from Anapa.
The resort town's law enforcement agencies apparently do not intend to take any action to catch the hacker. A representative of the local police station refused to tell The Telegraph whether he had received instructions from his superiors about Evgeny Bogachev. At the same time, speaking on his own behalf, the police officer said that he "would pin a medal on Bogachev."
US authorities brought charges of fraud, money laundering and hacking against Evgeny Bogachev at the beginning of June. At the same time, the FBI reported that it had managed to take partial control of the Gameover Zeus botnet created by Bogachev and to "free" about 300 thousand of the computers that were part of it.
In this, US law enforcement agencies benefited from cooperation with the Ukrainian police, who in May seized several of the botnet's command servers in Kiev and Donetsk.
Bogachev's botnet was built on the Zeus Trojan, which he wrote, and used the Cryptolocker program for profit. With Cryptolocker, the hacker could encrypt files on users' computers and demand a ransom for restoring access to them.
According to the FBI, the victims of Gameover Zeus once included even employees of a police station in Massachusetts. To unlock their computers, the police transferred $750 to Bogachev. In total, income from Gameover Zeus is estimated at US $100 million.