'Avalanche Network' botnet hideout busted; ESET offers cleanup help

13 Dec 2016

Cybercriminal activity hub Avalanche Network has been busted by law enforcement agencies, ending a long reign of protection for botnet operators.

The operators were attempting to hide from takedown and domain blacklisting, but concentrated efforts from enforcement agencies have busted what ESET called a "fast-flux or ever-changing network".

"A fast-flux network, such as the one operated by the Avalanche group, can be defined as 'a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies'," ESET says.

The network was made up of compromised hosts acting as proxy servers. Such networks are more difficult to detect because security researchers can't map the attacker's infrastructure or identify the real command & control server.
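
From the defender's side, the "ever-changing" proxy layer described above is itself a signal in DNS logs. The following is an added example, not code from ESET or the original article: it scores domains by how many distinct addresses they resolve to and how quickly those addresses turn over. The record format, function names and thresholds are assumptions, and the sample data is constructed.

```python
from collections import defaultdict

# Constructed passive-DNS observations: (hour, domain, A-record IPs seen that hour).
# Names and addresses come from reserved documentation ranges, not real indicators.
OBSERVATIONS = [
    (0, "shop.example.com", {"192.0.2.10", "192.0.2.11"}),
    (1, "shop.example.com", {"192.0.2.10", "192.0.2.11"}),
    (2, "shop.example.com", {"192.0.2.11", "192.0.2.10"}),
    (0, "flux.example.net", {"198.51.100.7", "203.0.113.20", "192.0.2.99"}),
    (1, "flux.example.net", {"198.51.100.41", "203.0.113.77", "192.0.2.99"}),
    (2, "flux.example.net", {"198.51.100.130", "203.0.113.5", "192.0.2.200"}),
]


def flux_metrics(observations):
    """Per domain: distinct IPs, distinct /24 networks, mean hour-to-hour churn."""
    windows_by_domain = defaultdict(list)
    for _hour, domain, ips in sorted(observations, key=lambda o: (o[1], o[0])):
        if ips:  # ignore empty answers so churn never divides by zero
            windows_by_domain[domain].append(set(ips))
    metrics = {}
    for domain, windows in windows_by_domain.items():
        all_ips = set().union(*windows)
        # Churn: share of addresses in a window that were absent from the previous one.
        churn = [len(cur - prev) / len(cur) for prev, cur in zip(windows, windows[1:])]
        metrics[domain] = {
            "distinct_ips": len(all_ips),
            "distinct_networks": len({ip.rsplit(".", 1)[0] for ip in all_ips}),
            "mean_churn": sum(churn) / len(churn) if churn else 0.0,
        }
    return metrics


def flux_candidates(observations, min_ips=5, min_churn=0.5):
    """Thresholds are assumptions for this example; tune them to your own baseline."""
    return sorted(
        domain
        for domain, m in flux_metrics(observations).items()
        if m["distinct_ips"] >= min_ips and m["mean_churn"] >= min_churn
    )


if __name__ == "__main__":
    for domain, m in flux_metrics(OBSERVATIONS).items():
        print(domain, m)
    print("candidates:", flux_candidates(OBSERVATIONS))
```

Content delivery networks and round-robin load balancing also rotate addresses, so a hit from this heuristic is a lead for triage, not a verdict.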

Some of the various malware botnets using the Avalanche network included TeslaCrypt, Nymaim, CoreBot, GetTiny, Matsnu, Rovnix, URLZone and QakBot. ESET says that these families show the network is sold as a service to other cybercriminals.

ESET is offering a free cleaning tool for all users following the takedown. The company advises all users to use the tool to determine whether they were affected by one of the botnets using the network. The tool will then remove all harmful content at no cost.
