Story image

'Avalanche Network' botnet hideout busted; ESET offers cleanup help

13 Dec 16

Cybercriminal activity hub Avalanche Network has been busted by law enforcement agencies, ending a long reign of protection for botnet operators.

The operators were attempting to hide from takedown and domain blacklisting, but concentrated efforts from enforcement agencies have busted what ESET called a "fast-flux or ever-changing network".

"A fast-flux network, such as the one operated by the Avalanche group, can be defined as 'a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies', ESET says.

The network was made up of compromised hosts acting as proxy servers. They are more difficult to detect as security researchers as they can't map the attacker's infrastructure or identify the real command & control server.

Some of the various malware botnets using the Avalanche network included TeslaCrypt, Nymaim, CoreBot, GetTiny, Matsnu, Rovnix, URLZone and QakBot. ESET says that these families show the network is sold as a service to other cybercriminals.

ESET is offering a free cleaning tool for all users following the takedown. The company advises all users to use the tool to determine whether they were affected by one of the botnets using the network. The tool will then remove all harmful content at no cost.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”