US and European police have shut down a botnet that provided a captive audience of backdoored PCs to criminals who were looking for an easy way to quickly install malware on large numbers of computers.
The takedown of the Beebone botnet is something of a coup because the underlying malware was so resistant to detection. Polymorphic downloader software at the heart of the malicious program updated itself as many as 19 times a day. Beebone also relied on a pair of programs that re-downloaded each other, acting as an insurance policy should one of them be removed, authorities told the Associated Press. "From a techie's perspective, they made it as difficult as they possibly could for us," a Europol adviser told the news organization.
The takedown was a joint operation that involved the US FBI, Europol's European Cybercrime Center, and private security groups including Kaspersky Lab, Shadowserver, and McAfee.