BERLIN (Reuters) – A global botnet said to be one of the world’s biggest networks of hijacked computers, and which is suspected of being used to attack online banking customers, has been taken down following police swoops in ten countries, German police said on Thursday.
In an internationally coordinated campaign, authorities carried out the raids on Wednesday, seized servers and website domains and arrested suspected leaders of a criminal organisation, said police and prosecutors in northern Germany.
Officials said they had seized 39 servers and several hundred thousand domains, depriving criminals of control of more than 50,000 computers in Germany alone. These hijacked computers were used to form a “botnet” to knock out other websites.
Two people who are believed to have been the administrators of the botnet infrastructure known as “AVALANCHE” were arrested in Ukraine, investigators said. Another person was arrested in Berlin, officials added.
The strike came in the same week that hackers tried to create the world’s biggest botnet, or an army of zombie computers, by infecting the routers of 900,000 Deutsche Telekom with malicious software.
The attack failed but froze the routers, causing outages in homes, businesses and government offices across Germany on Sunday and Monday, Deutsche Telekom executives said.
Police said criminals had used the “AVALANCHE” botnet targeted in Wednesday’s international raids since 2009 to send phishing and spam emails. More than a million emails were sent per week with malicious attachments or links.
When users opened the attachment or clicked on the link, their infected computers became part of the botnet.
Investigators said the suspects had operated the commandeered network and made it available to other criminal groups, who had used it to send spam and phishing mails, defraud online banking user and to spread ransomware, a form of online extortion scheme.
Officials estimated worldwide damages at upward of several hundred million euros.
Authorities have identified 16 suspected leaders of the organisation from 10 different countries.
A court in Verden, northern Germany, has issued arrest warrants for seven people on suspicion of forming a criminal organisation, commercial computer fraud and other criminal offences.
The raids came after more than four years of intensive investigation by specialists in 41 countries.
(Reporting by Caroline Copley; Editing by Alison Williams)