- Europol is following up on last year’s Operation Endgame Botnet Dakedown
- It made several arrests and home searches
- Some suspects cooperated but this could only be the beginning
In a follow-up on its May 2024 Botnet Reduction Operation Code Operation Endgame said Europol that it made several arrests.
The European Law Enforcement Agency, along with a number of national partners, had closed some of the largest malware droppers including ICEDID, Systembc, Pikabot, Smokeloader and Bumblebee. The operation spans several countries and more continents.
Now, in a press release published on the Europol website, it was said that the operation continued, but this time against customers at Smokeloader.
New actions
Smokeloader is a Pay-Per-Per-Install Malware loader where cyber criminals pay to use the service (which has already infected several devices) and dropping their own malware. Europol said criminals used rokeloader for keylogging, webcam access, ransomware -implementation, cryptomining and more.
“Law enforcement asked customers when they were registered in a database seized during Operation Endgame,” explained Europol, saying that these people were now facing “house searches, arresting or” knocking and conversations “.
It did not discuss the number of people involved, but it said “more suspects” cooperated with the authorities by facilitating the investigation of their digital entities. Several other suspects admitted to having resold by the smokeloader services at a marking.
Just like in Operation Endgame, Multiple Law Enforcement Agencies Were Involved In The Follow-Up, Including the FBI, Secret Service, The Dod, DCIS, Royal Canadian Mounted Police (RCMP), Czech Police, Danish Police, French National Police, Germany’s Federal Criminal Office, ProSecutor General’s Office Frankfurt Am Main – Cyber Crime Center, The Netherlands’ National Investigation and Special Operations, and the Netherlands Police.
The agency also said the operation has not yet been concluded and that “new actions” will soon be announced on the Operation-endgame.com site.
“Anyone with information is encouraged to contact the authorities via this site,” it said. “In addition, suspects involved in these and other botets that have not yet been arrested will be held directly responsible for their actions.”
