Operation Endgame | Botnets disrupted after international action
On Thursday, May 30th, 2024, a coalition of international law enforcement agencies announced "Operation Endgame". This effort targeted multiple botnets, such as IcedID, Smokeloader, SystemBC, Pikabot, and Bumblebee, as well as their operators, and Spamhaus is assisting with the remediation efforts.
Malware Digest January 2024
Malware Digest December 2023
Malware Digest November 2023
Malware Digest October 2023
Malware Digest September 2023
Malware Digest August 2023
Qakbot - the takedown and the remediation
Writing "Qakbot" and "takedown" in the same sentence is quite something. Usually, Spamhaus is bemoaning the ever-growing numbers of compromised IPs associated with this malware. But, on Tuesday, August 29th, 2023, the Federal Bureau of Investigation (FBI) announced that it coordinated an international group...
Malware Digest July 2023
Malware Digest June 2023
Lifting the lid on a long-time operating Brazilian malware gang
For over 8 years, our researchers have been tracking an operation that targets Brazilian internet users and is focused on stealing their banking credentials and withdrawing funds from its victims’ accounts. Here’s a potted history.
Malware Digest March 2023
Neutralizing Tofsee Spambot – Part 3 | Network-based kill switch
In part three, we focus on using a network kill switch that causes an out-of-bounds read error, leading to Tofsee crashing.
Neutralizing Tofsee Spambot - Part 2 | InMemoryConfig store vaccine
In part two, learn about a second malware vaccine our team has produced, focused on polluting Tofsee's internal configuration store.
Malware Digest February 2023