U.S. and European officials say they’ve knocked out a cybercrime group accused of inflicting hundreds of millions of dollars in losses worldwide, putting five key suspects in custody.
The European Union police agency said Thursday the sweep was “unprecedented in its scale” and resulted in the seizure of 39 servers and hundreds of thousands of internet domains used by the Avalanche network, a major player in the market for cybercrime services.
Unlike some past seizures — which grabbed crooks’ infrastructure while leaving the masterminds free to reorganize their networks — officials say they’re confident they’ve struck a fatal blow this time.
“We have arrested the top, the head of the snake,” Fernando Ruiz, the head of operations at Europol’s Cybercrime Center, told The Associated Press ahead of the announcement. “We are sure that this will have a very huge impact.”
Ruiz called Avalanche “the perfect example of crime as a service,” saying the massive network was rented out by players across the underworld to send spam, direct malicious software and to recruit money mules.
As a cybercriminal, Ruiz said, “you will contact this organization, and this organization will give you all you need.”
He said the arrests Wednesday followed months of preparation and years of investigation by law enforcement agencies. In a separate statement , the U.S. Department of Justice said 40 different countries were involved and accused the network of hosting some of the world’s most pernicious malware as well as several money laundering campaigns.
German Interior Minister Thomas de Maiziere told reporters at a press conference in the town of Lueneburg that the size of the operation was “unique.”
The network came into focus in 2012 after German officials began looking into the spread of fake police ransomware — an early form of extortion software designed to trick users into thinking their computers had been locked down by law enforcement — according to Orla Cox, the director of security intelligence at Symantec Corp., a California-based security firm which participated in the investigation. That inquiry eventually widened to include dozens of other law enforcement agencies investigating a wide array of misdeeds.
German authorities alone would eventually record 1,336 crimes in connection with the group. Neither U.S. or European officials would issue precise figures but both said losses connected to the gang’s activities reached into the hundreds of millions.
German officials suggested other, potentially lower-ranking members of the gang appear to have escaped the global dragnet.
Prosecutors there said they were able to identify 16 people at the group’s “leadership level” and a court in the German town of Verden had issued arrest warrants for seven of them. It’s not clear how many, if any, of the seven people being sought by German authorities overlap with the five individuals arrested Wednesday.
Ruiz, of Europol, declined to give any details of those arrested or even say where they had been detained, saying the countries where the arrests took place had asked not to be identified.
Cox, with Symantec, confirmed that some suspects were still at large but said law enforcement was still pretty sure they’d beaten Avalanche, given the sheer scale of what they’d seized.
“We can never say it’s completely done but confidence levels are high this time around,” Cox said.
Filed Under: Industry regulations
