#CyberHeadlines: Avalanche Network Dismantled
The Avalanche Network has finally been dismantled by EU and US officials
Last week in Europe, the European Union in conjunction with US authorities announced that they had disabled the Avalanche fraud network, responsible for 2/3 phishing attacks in 2009. The Avalanche group is a hacker organization that targets organizations and government entities with either banking malware or ransomware. So, obviously, they’re out for money. Operating since at least 2009, the Avalanche group has infected at least 600 servers, 500,000 computers in at least 180 countries worldwide using a version of a Zeus Trojan service in phishing emails. 830,000 web domains were used in the scheme. In Avalanche’s hay day, they used 17 different types of malware hosted by the network. While authorities have yet to disclose the identities of the enactors, they have said that 5 people are currently in custody in their respective countries.
The state prosecutor’s office in Pittsburgh, PA was hit with ransomware in 2015 by the Avalanche group and ended up paying nearly $1,400 in bitcoins. An employee had simply followed a legitimate looking, but malicious, link from a phishing email. Acting US Attorney in Pittsburgh, Soo Song, commenting on this cyber security victory, said that “The takedown of Avalanche was unprecedented in its scope, scale, reach and level of cooperation among 40 countries.”