Friday 31 May 2024 @ 11:15
National Crime Agency
Printable version

National Crime Agency part of international operation to destroy cyber crime services

The National Crime Agency has dismantled the servers of prominent malware ‘droppers’ which have enabled cyber criminals to conduct ransomware attacks around the world.

Droppers are a type of malicious software which, when downloaded onto a victim’s system, allow criminals to bypass security measures and deploy additional harmful malware, including ransomware.

The activity was part of a coordinated international operation targeting dropper strains including Bumblebee, IcedID, Smokeloader and Pikabot, which were taken offline this week (w/c 27 May).

The operation was led by France, Germany and the Netherlands, but also involved law enforcement partners in Denmark, Eurojust, Europol and the United States.

NCA cyber crime specialists mapped out the criminal infrastructure and shut down the servers of both IcedID, as part of wider US-led activity, and Bumblebee, in activity which was led by the German authorities.

These particular droppers have been crucial in facilitating the most harmful cyber threats faced by the UK and across the world, causing several hundreds of millions in losses to governments and companies.

They were available to purchase on the dark web and were usually distributed to victims as attachments via mass spam email campaigns.

Anyone attempting to access the dropper sites will now be met with a law enforcement splash page, explaining that the network has been seized and is no longer available for use.

International partners have identified cyber criminals from across the dropper network, some of whom were involved in the development of the malware. They will be deanonymized over the coming months via a purpose-made domain, https://www.operation-endgame.com, as well as posted directly on to dark web cybercrime forums. In some cases, the targets have been emailed directly.

A total of four arrests were made across Armenia and Ukraine. Worldwide, over 100 servers were taken down or disrupted, and about 2,000 domain names are now under the control of law enforcement.

Paul Foster, Director of Threat Leadership at the National Crime Agency, said:

“These droppers provided the building blocks for criminals to carry out serious cyber attacks, which have caused immense damage to victims in the UK and across the globe.

“Collaborative international investigations such as this are the most impactful way to disrupt the most harmful cyber criminals and degrade the tools and services which underpin their operations.

“I would urge any businesses that may have been a victim of cyber crime to come forward and report such incidents to law enforcement.”

Channel website: http://www.nationalcrimeagency.gov.uk/

Original article link: https://www.nationalcrimeagency.gov.uk/news/national-crime-agency-part-of-international-operation-to-destroy-cyber-crime-services

Share this article

Latest News from
National Crime Agency

Former NCA officer convicted over indecent images

12/06/2024 13:05:00

A former NCA officer has pleaded guilty to making indecent images of children, possessing extreme images, and misconduct in a public office.

Corrupt border officer jailed for aiding organised crime group

10/06/2024 11:15:00

A corrupt border officer who was arrested by the National Crime Agency in August 2023 has been jailed for two years for assisting a London-based crime group.

Operation Stovewood: Seven guilty of abusing teenage girls who were in care

06/06/2024 09:20:00

Seven men have been found guilty of a string of child sex abuse offences against two teenage girls in Rotherham in the early 2000s.

NCA uncovers corrupt officials who helped wanted criminals to circumvent international Red Notice system

05/06/2024 12:10:00

Four people have been detained in Moldova in relation to a suspected corruption scheme to bribe officials in Moldova and elsewhere for wanted persons to avoid detection by Red Notices published by INTERPOL.

NCA arrest two men in connection with Channel beach death

04/06/2024 10:15:00

National Crime Agency officers have arrested two men wanted by the French authorities over the death a young girl who was attempting to cross the Channel in a small boat.

NCA investigation leads to modern slavery and cannabis charges

03/06/2024 15:15:15

Six people have been charged with forcing people to work in cannabis farms, following a National Crime Agency investigation.

Nurse sentenced for viewing child abuse material

03/06/2024 11:15:00

A nurse from Ipswich who worked with vulnerable adults has been sentenced for viewing child abuse images.

Man sentenced for importing firearms from Spain to UK and selling them online

31/05/2024 16:10:00

A man who purchased convertible blank firearms from Spain and had them shipped to Northern Ireland has been sentenced

Border Force officer jailed after supplying MDMA

31/05/2024 10:10:00

A corrupt former border officer from Kent has been sentenced after supplying class A drugs, following an investigation by the National Crime Agency