Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • NCA part of international op to destroy cyber crime services

Security

NCA part of international op to destroy cyber crime services

The National Crime Agency (NCA) has dismantled the servers of prominent malware ‘droppers’ which have enabled cyber criminals to conduct ransomware attacks around the world.


Image courtesy NCA

EndgameDroppers are a type of malicious software which, when downloaded onto a victim’s system, allow criminals to bypass security measures and deploy additional harmful malware, including ransomware.

The activity was part of a coordinated international operation targeting dropper strains including Bumblebee, IcedID, Smokeloader and Pikabot, which were taken offline last month (w/c 27th May).

Advertisement
ADS S&P RT

The operation was led by France, Germany and the Netherlands but also involved law enforcement partners in Denmark, Eurojust, Europol and the United States.

NCA cyber crime specialists mapped out the criminal infrastructure and shut down the servers of both IcedID, as part of wider US-led activity and Bumblebee, in activity which was led by the German authorities.

These particular droppers have been crucial in facilitating the most harmful cyber threats faced by the UK and across the world, causing several hundreds of millions in losses to governments and companies.

They were available to purchase on the dark web and were usually distributed to victims as attachments via mass spam email campaigns.

Anyone attempting to access the dropper sites will now be met with a law enforcement splash page, explaining that the network has been seized and is no longer available for use.

Advertisement
Cranfield

International partners have identified cyber criminals from across the dropper network, some of whom were involved in the development of the malware. They will be deanonymised over the coming months via a purpose-made domain, https://www.operation-endgame.com, as well as posted directly on to dark web cybercrime forums. In some cases, the targets have been emailed directly.

A total of four arrests were made across Armenia and Ukraine. Worldwide, over 100 servers were taken down or disrupted, and about 2,000 domain names are now under the control of law enforcement.

Paul Foster, Director of Threat Leadership at the National Crime Agency, said: “These droppers provided the building blocks for criminals to carry out serious cyber attacks, which have caused immense damage to victims in the UK and across the globe.

“Collaborative international investigations such as this are the most impactful way to disrupt the most harmful cyber criminals and degrade the tools and services which underpin their operations.

“I would urge any businesses that may have been a victim of cyber crime to come forward and report such incidents to law enforcement.”

Advertisement
Aviation Africa LB Aviation Africa LB
Home Office and IBM to partner on Emergency Services Network

Security

Home Office and IBM to partner on Emergency Services Network

16 January 2025

The UK's frontline emergency services are to benefit from a new communications network that will modernise how they work together.

DEA Aviation secures export finance package

Aerospace Security

DEA Aviation secures export finance package

16 January 2025

Nottinghamshire based aerial data-acquisition company, DEA Aviation Limited, has secured Santander UK funding supported by UK Export Finance (UKEF).

HRH The Princess Royal opens Capita’s FSC Immersive Skills Lab

Security Events

HRH The Princess Royal opens Capita’s FSC Immersive Skills Lab

16 January 2025

HRH Princess Anne has opened a new Immersive Skills Lab, a purpose-built, fully flexible learning space at Capita’s Fire Service College (FSC), created to support practical and collaborative firefighter training and skills development.

Serco selects new legal panel

Defence Security Space

Serco selects new legal panel

16 January 2025

Serco has selected a new panel of four law companies to provide legal services to its UK & European business for the next three years.

Advertisement
ADS S&P RT
ODU Connectors back at Southern Manufacturing & Electronics

Aerospace Defence Security Space Events

ODU Connectors back at Southern Manufacturing & Electronics

16 January 2025

ODU-UK Ltd will once again be showcasing their connector solutions at Southern Manufacturing & Electronics, taking place at the Farnborough International Exhibition Centre from 4th to 6th February.

Getac launches ZX10 fully rugged Android tablet

Security

Getac launches ZX10 fully rugged Android tablet

15 January 2025

Getac has launched its next generation ZX10 10-inch fully rugged Android tablet, which combines lightweight design with powerful AI-ready performance and intuitive Android functionality for use in the field.

Advertisement
ADS S&P RT