On October 13, American and British law enforcement took action against the notorious DRIDEX botnet with the goal of stopping the activities of this online banking threat. U.S. Attorney David J. Hickton of the Western District of Pennsylvania called the operation a “technical disruption and a blow to one of the most pernicious malware threats in…
Multiple command-and-control (C&C) servers used by the DRIDEX botnet have been taken down by the Federal Bureau of Investigation (FBI), following the action taken by the National Crime Agency (NCA) in the UK.
US law enforcement officials obtained court orders that resulted in the seizure of multiple servers used by DRIDEX. This crippled the malware’s C&C network, which is used by the malware to send the stolen information to the cybercriminals and to download configuration files that include the list of targeted banks. Furthermore, charges have been made against Andrey Ghinkul, aka Andrei Ghincul and Smilex, the Moldovan administrator of the botnet.
Last week, news reports said the United States government was considering enacting sanctions against individuals and organizations in China and Russia for their involvement in hacking incidents targeting US companies. While hacks against government bodies like the Office of Personnel Management (OPM) have received the most attention, these sanctions are not aimed at these sorts of attacks. These actions may sound like a giant…
The Deep Web is back in the news. Agora, one of the biggest darknet marketplaces, announced two weeks ago that it will go offline to bolster its defenses against law enforcement agencies that want to take it down. Meanwhile, a Deep Web user was indicted on federal charges of drug trafficking and money laundering. These…
The collaboration between Trend Micro, INTERPOL, Microsoft, Kaspersky Lab, and the Cyber Defense Institute resulted in a triumph for the security industry earlier this week: the takedown of the SIMDA botnet. Trend Micro provided information such as the IP addresses of the affiliated servers and statistical information about the malware used, which led to the disruption of…