Many won’t have heard of the Avalanche network unless they have been directly affected by it or by the malicious software it has been spewing out for years. Avalanche was a criminal network of over 600 servers for hire, used for money laundering and the proliferation of malware. The system was finally taken down on 30th November 2016 by a multi-national team of law enforcement comprising the FBI, Europol and the UK’s own National Crime Agency (NCA).
Police estimate the network was responsible for controlling more than 500,000 infected bot PCs per day and spamming around 1 million virus-ridden emails each week since its inception in 2012 and subsequent discovery by German police. In 2010 it was reported that the systems that subsequently became Avalanche were estimated to be responsible for around two thirds of phishing attacks in 2009.
The shutdown of the central Avalanche servers does not mean those infected PCs are suddenly free, however. It is likely to be a good deal of time before those PCs either drop out of circulation or are cleaned by their owners, since most won’t ever know they were infected.
The raids on 30th November seized 39 servers and took an estimated 221 others offline. In addition, 37 premises were searched and 830,000 malicious domains were shut down.
EU and US authorities finally tracked down the Avalanche servers through a technique known as sinkholing, whereby data traffic from infected machines was routed through servers controlled by the police and analysed. After sifting through a whopping 130TB of data, the details of the Avalanche server infrastructure were uncovered, enabling Wednesday’s take-down operation.
This latest cyber victory for the good guys has been chalked up to unprecedented international cooperation between public and private security organisations, which enabled a successful and significant impact on some of the top-level cybercriminals operating today and made the internet a slightly safer place.
The graphic above is from: https://www.europol.europa.eu/publications-documents/operation-avalanche-infographic