International police and private sector companies recently collaborated to take down the criminal infrastructure supporting the botnet Beebone.
Operation Source brought together security providers and international crime agencies to successfully eradicate Beebone. The botnet had facilitated the download of malware, including banking password stealers, rootkits, fake antivirus software and ransomware, onto thousands of systems across 195 countries. At its peak, the McAfee Labs team found more than 100,000 infections of Beebone.
Beebone also included wormlike functionality, allowing it to spread to new machines across networks, via removable drives and through ZIP and RAR files.
Intel Security initially identified the threat in March 2014, collecting enough data by September to approach partners including Europol’s European Cybercrime Centre, the Dutch authorities, the US FBI and other private sector companies. The parties took down over 100 domains.
"Intel Security, along with a global law enforcement collaboration including the Dutch High Tech Crime Unit, Europol, and FBI, this week has successfully dismantled the polymorphic worm known as W32/Worm-AAEH/Beebone," said Raj Samani, EMEA CTO.
He added: "Intel Security is aware of more than 5 million unique AAEH samples with more than 100,000 machines from 200 countries identified. This kind of takedown could not have happened without the cooperation between police organisations and private companies like Intel Security.
"This operation is further evidence that only a combined response is capable of slowing down the ever-growing menace of cybercrime. Only with both public and private agencies working together to battle the ever-evolving cyber-threat do we have a chance of bringing them down and making the online world a safer place for all," concluded Samani.