With technology companies and law enforcement working against each other lately, mostly the law wanting help breaking into phones to help solve crimes and tech companies refusing to destroy their users’ trust, it’s a rarity for the two sides to work together.
However, in order to battle a large botnet, Avast and the police have teamed up in France to fight the botnet and force it to self-destruct.
Avast Gets Some Help
Antivirus company Avast had been watching the Retadup malware for an extended length of time. It affects Windows computers and has been spread around the world rapidly to locations including the United States, Russia, Central America, and South America.
This particular cyberattack is mining cryptocurrency. Retadup could have been used, though, for more traditional attacks, such as holding Internet of things devices for ransom.
Avast noticed a design flaw in the botnet’s command-and-control server. It would have enabled the antivirus company to remove the malware from affected devices without any need to write any code.
However, Avast wasn’t going to break the law to stop the botnet, even if it would be using the botnet’s flaw. A large portion of the malware’s infrastructure is in France, so the company contacted Cybercrime Fighting Center (C3N) of the French National Gendarmerie.
C3M signed on with Avast’s suggestion to replace the malicious C&C server with a disinfection server. The operation had to be conducted stealthily so as not to tip off the creators of Retadup.
“The malware authors were mostly distributing cryptocurrency miners, making for a very good passive income,” explained Avast, with Jean-Dominique Nollet of C3N noting it was generating several million euros of cryptocurrency.
“But if they realized that we were about to take down Retadup in its entirety,” continued Avast, “they might’ve pushed ransomware to hundreds of thousands of computers while trying to milk their malware for some last profits.”
The mission involving Avast and the French police was successful. As a result, they freed nearly one million devices from the grasp of Retadup, although it’s a likelihood that the malware’s victims never even knew they were infected, let alone that they are free of it.
How do you think this mission between Avast and the French police will affect the future of tech companies and law enforcement working together to prevent further malware attacks on IoT devices? Let us know your thoughts in the comments below.