Summary: Law enforcement agencies across the US and Europe have successfully identified customers of the Smokeloader botnet and made five arrests as part of Operation Endgame, which disrupted multiple malware infrastructures. The operation relied on a seized database to connect online identities with actual individuals, which led to cooperation with several suspects. Authorities remain vigilant in tracking and apprehending users of this and other botnets, continuing their efforts beyond the initial arrests.
Affected: Smokeloader botnet users, cryptocurrency exchanges, law enforcement agencies
Key points:
- Operation Endgame, launched in May 2024, disrupted the Smokeloader botnet and its associated malware droppers.
- Law enforcement seized a database of the botnet’s customers, facilitating follow-up actions and arrests.
- International collaboration involved agencies from Canada, Czech Republic, Denmark, France, Germany, the Netherlands, and the US.
- Recent US Treasury sanctions targeted three cryptocurrency exchanges linked to malicious activities.
- Russian suspects operating the exchanges have been indicted in the US, with further arrests made in Russia.
Source: https://www.securityweek.com/europol-targets-customers-of-smokeloader-pay-per-install-botnet/