thecrimeshop

Avast and Police Kill 850,000 Malware Infections

Avast and Police Kill 850,000 Malware Infections

retadup-worm-malware-taken-down-by-avast-and-french-police-850000-computers-disinfected_crimeshop

Avast and French Police Outsmart Botnet Creators 

Cristal M Clark 

The Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. The malware was used to generate money and the malware operators could also run other malicious code, such as spyware and/or ransomware. The malware also comes with a bonus, wormable properties, allowing it to spread from computer to computer.

retadup-malware-botnet-infected-by-another-malware-crimeshop

Since its birth, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.

Sounds a lot like a nightmare for any infected computer, yet French police managed to hijack and neutralized a massive cryptocurrency mining botnet that controlled close to a million infected computers. Security firm Avast confirmed that the operation was quite successful.

Avast discovered a design flaw in the malware’s command and control server. That flaw, if properly exploited, would have “allowed us to remove the malware from its victims computers without pushing any code to victims computers,” according to researchers at Avast. 

Sadly, Avast did not have the proper legal authority to exploit the flaw considering it would have involved them manipulating end users computers without their permission and I am not referring to the bad guys, I am referring to individuals such as you or myself. So Avast did the next best thing, they contacted French authorities because the malwares infrastructure seemed to live and breath in France.  

botnet-crimeshop

So after obtaining the right authorization in July, Avast and French police took control of the server and disinfect affected computers.

This take-down ended in perfect fashion however had the authors of the malware realized what had been happening they could have pushed ransomware to hundreds of thousands of computers while still attempting to profit from the malware before the take-down. 

Researchers built their own replica of the malware since they now had a copy of it, which disinfected victim computers instead of causing infections. Avast amazingly stopped the malware from operating and removed the malicious code to over 850,000 infected computers.

Remotely shutting down a malware botnet is a rare and difficult feat to achieve, my hats off to the Avast and the French Police.  

 

Cristal M Clark

IOS users can find The Crime Shop on Apple News

@thecrimeshop on twitter

https://www.instagram.com/crimeshop.cc/?hl=en

And https://gab.ai/thecrimeshop

Search for a Topic
Categories
Posted Recently
Submissions

Would you like to contribute as an editor or a writer on our site? Let us know all the details about yourself and send us a message.

What are your thoughts

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.

%d bloggers like this: