full screen background image


2 August 2019 - Concours de droit comparé Société de législation comparée ... +++ 25 July 2019 - Formation: Après-midi d’étude – Blockchain et contrats intelligents Editions Larcier, ici Formation: Ap ... +++ 4 June 2019 - Formation Lexing – Marketing et RGPD Editions Larcier, ici   Format ... +++ 19 April 2019 - Société de législation comparée – Concours de droit comparé Revue internationale de droit compa ... +++ 11 April 2019 - Formation: Colloque DCCR – Droit de la consommation et protection des données à caractère personnel Revue de droit international et de ... +++ 7 March 2019 - 6ème Atelier de droit comparé – 22 mars 2019 Revue internationale de droit compa ... +++

*Law of Aliens

Published on December 5th, 2016 | by Elpida Tsiaka


‘Avalanche’ network dismantled in international cyber operation

On December 1st, 2016, Europol supported law enforcement authorities from 30 countries in dismantling an international bulletproof criminal server infrastructure. The network was used for malware attacks and money mule recruiting campaigns and caused an estimated EUR 6 million in damages on online banking systems in Germany alone. The overall monetary losses associated with malware attacks performed using the Avalanche network are estimated to be in the hundreds of millions of Euros worldwide.

The global effort to take down this network relied on the close cooperation of prosecutors and investigators with cybersecurity authorities and private partners. As a result, five individuals were arrested, 37 premises were searched, and 39 servers were seized. Victims of malware infections were identified in over 180 countries. In addition, 221 servers were put offline through abuse notifications sent to the hosting providers. The operation marks the largest-ever use of sinkholing to combat botnet infrastructures and is unprecedented in its scale, with over 800 000 domains seized, sinkholed or blocked.

On the action day, Europol hosted a command post at its headquarters in The Hague. From there, representatives of the involved countries worked together with Europol’s European Cybercrime Centre (EC3) and Eurojust officials to ensure the success of such a large-scale operation.

In preparation for this joint action, the German Federal Office for Information Security (BSI) and the Fraunhofer-Institut für Kommunikation, Informationsverarbeitung und Ergonomie (FKIE) analysed over 130 TB of captured data and identified the server structure of the botnet, allowing for the shut-down of thousands of servers and, effectively, the destruction of the entire network.

The successful dismantlement of the criminal server infrastructure was supported by Interpol, the Shadow Server Foundation, the Registry of Last Resort, ICANN and domain registries involved in the takedown phase. Swift cooperation was of the essence: the criminal network’s central servers changed domain names and moved every 5 minutes, across borders and around the world.

For more information here

About the Author

Back to Top ↑