US And European Cyber Squads Take Down International Beebone Botnet

A collaborative international cybersecurity operation has dismantled an intricate botnet that was dumping malware on tens of thousands of PCs in what cybercrime experts say was an extremely sophisticated approach.

The U.S. Joint Cybercrime Action Taskforce (J-CAT) and the Europol European Cybercrime Centre (EC3), along with the FBI, Dutch crime officials, top security firms and U.S. tech players, including Intel, shuttered the Beebone botnet, which was using a polymorphic download system to infect at least about 12,000 PCs.

Most of the infected PCs were in the U.S., Japan, Taiwan and India, but officials said the malware effort reached 195 countries.

"From a techie's perspective, they made it as difficult as they possibly could for us," said Raj Samani, a Europol adviser.

Another Europol leader noted the collaborative defense was key in destroying the dangerous botnet.

"This successful operation shows the importance of international law enforcement working together with private industry to fight the global threat of cybercrime," stated Wil van Gemert, Europol deputy director of operations. "We will continue our efforts to take down botnets and disrupt the core infrastructures used by cybercriminals to carry out a variety of crimes. Together with the EU Member States and partners around the globe, our aim is to protect people worldwide against these criminal activities."

Cybersecurity experts view Beebone as top-notch and capable of self-updating nearly two dozen times a day, which made eradicating it extra hard: it would reload itself on PCs to resist removal efforts.

The successful botnet shutdown used the "sinkhole" strategy, in which all vulnerable domain names were suspended or seized and the botnet traffic was redirected. Security experts say there are more than 5 million worm samples from Beebone. In carrying out the sinkhole, the joint task force established a command channel that stopped the malware from updating and halted other botnet actions. The PCs, however, still must be cleaned of the infections, and experts say the best remedy is to wipe the hard drives and reinstall the OS.

The cybercrime fighting team is now reaching out to Internet service providers and global cybercrime response teams to identify PCs infected by Beebone.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.