The largest cybercriminal network this decade, Avalanche, has now been dismantled
email breach

The largest cybercriminal network this decade, Avalanche, has now been dismantled

Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.

Start Your Claim
Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

After eight years of its existence, Avalanche Botnet has now been dismantled in a 4-year-long international operation.

On 30 November, German prosecutors and police – working hand in hand with the Department of Justice and the FBI in the U.S., the EU’s law enforcement agency and other global partners – managed to disembody the international criminal network involved in phishing attacks, bank fraud, and ransomware for years around the world.

Avalanche botnet

Avalanche was first discovered in December 2008 and was believed to have its base in Eastern Europe. Security experts gave the international cybercriminals the name ‘Avalanche’ due to the high volume of its attacks.

In 2010, the Anti-Phishing Working Group’s (APWG) report found that Avalanche was responsible for two-thirds of all phishing attacks launched in the second half of 2009, and was responsible for the overall increase in phishing attacks recorded across the internet. The figure for the second half of 2009 was for more than 84,000 out of 127,000 phishing attacks.

It’s reported that they sent more than a million emails with malicious attachments on a weekly basis.

Nature of their attacks

Techniques Avalanche used were sophisticated and quick. They’d use spam emails pretending to be trustworthy organisations such as the FBI, the Association of Chief Police Officers, and financial institutions. These emails were a click-bait for victims to install malicious software attached to the emails. The malware could then steal personal information like passwords, credit card information, and even allowed cybercriminals remote access to an infected computer.

It took a very long time to clamp down on the cybercriminals, as Avalanche hosted its domains on compromised computers, also known as a botnet. There wasn’t a single hosting provider, which made it difficult to take down the criminal network.

Avalanche also used a fast-flux DNS. This technique allowed the cybercriminals to hide their server’s IP address, which meant that they could join and drop a network a lot quicker than any law enforcement officials could trace. It was like a cat and mouse chase.

The botnet served multiple phishing attacks and at least 17 different malware families to victims, and the law enforcement officials managed to seize 800,000 internet domains used by Avalanche. Representatives of the FBI and the U.S. Department of Justice issued a statement to say that:

“…the operation involves arrests and searches in five countries … and more than 50 Avalanche servers worldwide were taken offline.”

EU’s law enforcement agency

Europol, the EU’s law enforcement agency, provided further details of the operation, stating:

“[Five] individuals were arrested, 37 premises were searched, and 39 servers were seized. Victims of malware infections were identified in over 180 countries. Also, 221 servers were put offline through abuse notifications sent to the hosting providers. The operation marks the largest-ever use of sinkholing to combat botnet infrastructures and is unprecedented in its scale, with over 800 000 domains seized, sinkholed or blocked.”

The ongoing battle…

This is a small victory in the fight against cyber-terrorism. By terminating “the world’s most prolific phishing gang”, this sends out a strong message to other cybercriminal networks that law enforcement agencies will fight until cybercrimes are something of the past.

However, that may be wishful thinking as cybercrime has been on an upward rise in the past few years.

Start Your Claim

You can call our claims team free from a landline or mobile on 0800 634 7575 or click on the link below to create a call back with one of our expert Data Claims team.Information on how we handle your data is available in our Privacy Policy.

We offer genuine No Win, No Fee agreements for our clients. Why we do this is simple:

Leading Data Breach Lawyers
Our experience speaks for itself.
We will fight for your right to compensation.
Access to Justice
As a victim of a data breach or hack, you deserve your chance to get access to justice.
Risks Assessment
We carefully risk assess your case and take it on if we think we have a good chance of winning the claim.

Request A Callback From Our Team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy

solicitors regulation authority

Contact is © of Your Lawyers Limited - we are 'Authorised and Regulated by the Solicitors Regulation Authority (SRA number 508768)'
arrow-up icon