Joint international police operation targets Beebone botnet

Several government and private agencies joined forces to take down the Beebone botnet, which has plagued over 12,000 computers. Beebone, also known as AAEH, uses a polymorphic downloader bot that installs various kinds of malware on the victim’s computer. Although the botnet looks like a minor threat, its reach is massive. As reported by Europol, there are over 5 million unique w32/Worm-AAEH samples, with more than 205,000 samples from 23,000 systems in 2013-2014.

A joint effort against cybercrime

The government agencies involved in this effort include Europol’s European Cybercrime Centre (EC3), the Joint Cybercrime Action Taskforce (J-CAT), the Dutch authorities, the FBI, and U.S.-based representatives at the National Cyber Investigative Joint Task Force - International Cyber Crime Coordination Cell (IC4). They were also assisted by representatives from Intel Security, Kaspersky and Shadowserver.

According to Europol’s Deputy Director of Operations, Wil van Gemert:

“This successful operation shows the importance of international law enforcement working together with private industry to fight the global threat of cybercrime. We will continue our efforts to take down botnets and disrupt the core infrastructures used by cybercriminals to carry out a variety of crimes. Together with the EU Member States and partners around the globe, our aim is to protect people worldwide against these criminal activities.”

Beebone is a worldwide threat affecting over 195 countries, with the most infected countries being:

  • United States
  • Japan
  • India
  • Taiwan

This joint effort aims to clamp down on the botnet and prevent further infections. As stated by Europol:

“The botnet was ‘sinkholed’ by registering, suspending or seizing all domain names with which the malware could communicate and traffic was then redirected.”

Europol has also promised to distribute data to ISPs (Internet Service Providers) and CERTs (Computer Emergency Response Teams) around the world in order to inform the victims.

A month ago, we also covered an incident where Europol, with the help of Microsoft and Anubis Networks, successfully took down a massive Ramnit botnet. Hopefully we will continue to see such well-coordinated efforts by government and private agencies to fight cybercrime.

Have a nice (zombie-free) day!