
'Avalanche Network' botnet hideout busted; ESET offers cleanup help

13 Dec 2016

Cybercriminal activity hub Avalanche Network has been busted by law enforcement agencies, ending a long reign of protection for botnet operators.

The operators were attempting to hide from takedown and domain blacklisting, but concentrated efforts from enforcement agencies have busted what ESET called a "fast-flux or ever-changing network".

"A fast-flux network, such as the one operated by the Avalanche group, can be defined as 'a DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies'," ESET says.

The network was made up of compromised hosts acting as proxy servers. Such networks are more difficult to detect because security researchers can't map the attacker's infrastructure or identify the real command & control server.
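A defender's view of the behaviour described above, as an added example that is not from ESET or the original article: it profiles constructed passive-DNS observations and flags domains whose A records rotate quickly across many networks. The thresholds, the short-TTL criterion, the /16 grouping and all domain names and addresses are illustrative assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address
from statistics import median

# Constructed passive-DNS rows: (unix_time, domain, A record, TTL seconds).
# Domains use the reserved .example TLD; addresses come from test ranges.
OBSERVATIONS = [
    (1000, "shop.example", "192.0.2.10", 3600),
    (1600, "shop.example", "192.0.2.10", 3600),
    (2200, "shop.example", "192.0.2.11", 3600),
    (1000, "flux-sample.example", "198.51.100.7", 150),
    (1000, "flux-sample.example", "203.0.113.44", 150),
    (1300, "flux-sample.example", "192.0.2.200", 150),
    (1300, "flux-sample.example", "198.18.5.9", 150),
    (1600, "flux-sample.example", "203.0.113.90", 120),
    (1600, "flux-sample.example", "198.19.77.3", 120),
    (1900, "flux-sample.example", "198.51.100.201", 120),
    (1900, "flux-sample.example", "192.0.2.66", 120),
]

def profile(observations):
    """Summarise per-domain A-record behaviour from passive-DNS rows."""
    by_domain = defaultdict(list)
    for ts, domain, ip, ttl in observations:
        by_domain[domain].append((ts, ip_address(ip), ttl))
    out = {}
    for domain, rows in by_domain.items():
        snapshots = defaultdict(set)
        for ts, ip, _ in rows:
            snapshots[ts].add(ip)
        ordered = [snapshots[t] for t in sorted(snapshots)]
        # Jaccard distance between consecutive answers: 1.0 = fully replaced.
        churn = [1 - len(a & b) / len(a | b) for a, b in zip(ordered, ordered[1:])]
        ips = {ip for _, ip, _ in rows}
        out[domain] = {
            "ips": len(ips),
            "nets": len({int(ip) >> 16 for ip in ips}),  # distinct /16 blocks
            "median_ttl": median(ttl for _, _, ttl in rows),
            "churn": sum(churn) / len(churn) if churn else 0.0,
        }
    return out

def looks_fast_flux(p, min_ips=6, min_nets=3, max_ttl=300, min_churn=0.5):
    """Illustrative thresholds (assumptions); tune against local baselines."""
    return (p["ips"] >= min_ips and p["nets"] >= min_nets
            and p["median_ttl"] <= max_ttl and p["churn"] >= min_churn)

def flagged(observations):
    return sorted(d for d, p in profile(observations).items() if looks_fast_flux(p))
```

Legitimate CDNs and load balancers can also rotate addresses with short TTLs, so a match is a lead for analyst review rather than a verdict.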

Some of the various malware botnets using the Avalanche network included TeslaCrypt, Nymaim, CoreBot, GetTiny, Matsnu, Rovnix, URLZone and QakBot. ESET says that these families show the network is sold as a service to other cybercriminals.

ESET is offering a free cleaning tool for all users following the takedown. The company advises all users to use the tool to determine whether they were affected by one of the botnets using the network. The tool will then remove all harmful content at no cost.
