Operation Endgame – Pt2
Almost a year to the day (30 & 31st June 2024) I posted about Operation Endgame – the operation, spearheaded by the National Crime Agency (NCA) to takedown several high-profile botnets, including Pikabot, Bumblebee, and Smokeloader.
Well – it’s back – with more disruption to the bad guys whose sole mission is make people’s lives difficult, and earn considerable sums of monies in the process.
Operation Endgame pt2 has seen the disruption of a series of initial access malware – the tools cybercriminals use to infiltrate systems before deploying their ransomware.
The Operation has disrupted a number of malware strains, including:
- Bumblebee
- Lactrodectus
- Qakbot
- Hijackloader
- DanaBot
- Trickbot
- Warmcookie
Between May the 19th to May the 22nd, Law enforcement agencies and partners across the world took down approximately 300 servers, neutralised 650 malicious domains, and issued international arrest warrants against 20 key actors believed to be providing, or operating initial access services to ransomware operators.
During these events, the teams also seized over €3.5 Million in crypto currencies.
Rubbing salt in the wounds
As with the original Operation endgame, the agencies involved, not only have taken direct action, they have uploaded some of their successes to a dedicated website – making it quite plain to those criminals, that they are coming for them, and that they know who they are, and where they are.
The site features some very directed animations, as well as a count-down timer indicating more news to come, and a list of the EU’s most-wanted cyber-criminals
The endgame is coming – the criminals should be scared.
