Europol Conducts Largest Global Operation Against Malware, Making Four Arrests


Europol announced today the successful completion of "Endgame," the largest ever international operation targeting malware, resulting in four arrests and the dismantling of over 100 servers. This extensive operation marks a significant blow to the dropper ecosystem, a critical component in the spread of ransomware.

The operation led to arrests in Armenia and Ukraine, and eight more individuals associated with these criminal activities are now listed among Europe’s most wanted. The coordinated effort, conducted from May 27 to 29, involved multiple investigations across Armenia, Ukraine, Portugal, and the Netherlands, as well as seizures in several European countries, the United States, and Canada.

"Endgame" began in 2022 and revealed that one of the primary suspects had earned at least €69 million in cryptocurrency by renting out criminal infrastructure. This infrastructure was used to deploy various types of malware, including IcedID, SystemBC, Bumblebee, Smokeloader, Pikabot, and Trickbot. These malware families are connected to at least 15 ransomware groups, according to the German federal police and the Frankfurt public prosecutor's office.

Droppers, which introduce other malware into targeted systems, play a crucial role in the infection chain. They allow cybercriminals to bypass security measures and deploy malicious software, making them a key threat. The "SystemBC" dropper, for example, facilitates anonymous communication between compromised systems and control servers, while "Pikabot" allows for remote control and data theft.

French authorities, who tracked down and dismantled parts of the "SystemBC" network, arrested the "Pikabot" administrator in Ukraine with the help of local authorities. They also identified a key player behind "Bumblebee" and conducted searches and examinations in Armenia.

"Trickbot," another malware targeted by the operation, was notably used to ransom hospitals and healthcare centers in the US during the COVID-19 pandemic. Nicolas Guidoux, head of the French judicial police's cybercrime unit, emphasised the importance of this operation ahead of the Paris Olympics this summer, where authorities anticipate a heightened risk of cyber attacks.

Authorities are currently analysing the seized servers to estimate the number of victims, which is expected to be in the hundreds of thousands. Operation Endgame continues, and more arrests are anticipated, Europol concluded.

(Source: Kathimerini)


Copyright Greek City Times 2025