Law Enforcement Operation Seizes ‘Smokeloader’ Botnet Servers

A coordinated law enforcement operation has led to the seizure of several ‘Smokeloader’ botnet servers and the arrest of some of its customers.

More than 100 servers seized in operation ‘Endgame’

Authorities unfolded a massive operation against threat actors last year, leading to the seizure of more than 100 servers used for malicious purposes.

The crackdown, dubbed ‘Endgame,’ targeted the infrastructure of threat actors including Trickbot, SystemBC, Pikabot, IcedID, Bumblebee, and Smokeloader.

The operation is far from over, as authorities sift through troves of data recovered from seized servers attempting to unveil the full extent of the malicious campaigns, Europol said in a press release.

Now, law enforcement is focused on tracking the customers of the malicious services facilitated by the seized servers.

‘Smokeloader’ botnet customers in hot water

As per the investigation, the malicious operation known as ‘Smokeloader’ was run by ‘Superstar,’ a threat actor who operated the botnet as a pay-per-install business.

Customers would be granted access to systems associated with the botnet in exchange for a fee. Pushing ransomware, running keyloggers, stealthily accessing webcams, and cryptojacking were among the most common uses for Smokeloader.

“In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet, operated by the actor known as ‘Superstar’, faced consequences such as arrests, house searches, arrest warrants or ‘knock and talks’,” reads Europol’s press release. “Law enforcement tracked down the customers as they were registered in a database seized during Operation Endgame.”

Staying safe against botnets and other digital threats

Dedicated software like Bitdefender Ultimate Security can defend your system against botnets, prevent them from becoming zombified, and safeguard against other cyber threats.

It constantly monitors your system and deters worms, viruses, spyware, ransomware, Trojans, rootkits, zero-day exploits and other digital intrusions.

Key features include complete, real-time protection, web attack prevention, cryptojacking protection, network threat prevention, behavioral detection to monitor active apps, and AI-powered scam detection.