External Content

The following content is sourced from external partners. We cannot guarantee that it is suitable for the visually or hearing impaired.

A man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration

(reuters_tickers)

AMSTERDAM (Reuters) - A joint operation involving Germany, the United States and Belarus has taken down a malware system known as "Andromeda" or "Gamarue" that infected more than 2 million computers globally, Europol said on Tuesday.

Andromeda is best described as a "botnet", or group of computers that have been infected with a virus that allows hackers to control them remotely without the knowledge of their owners.

The police operation, which involved help from Microsoft, was significant both for the number of infected computers and because Andromeda had been used over a number of years to distribute new viruses, said Europol spokesman Jan Op Gen Oorth.

"Andromeda was one of the oldest malwares on the market," added the spokesman for Europol, the EU's law enforcement agency.

Authorities in Belarus said they had arrested a man on suspicion of selling malicious software and also providing technical support services. It did not identify the suspect.

Officers had seized equipment from his offices in Gomel, the second city in Berlaus, and he was cooperating with the investigation, the country's Investigative Committee said.

Op Gen Oorth said the individual is suspected of being "a ringleader" of a criminal network surrounding Andromeda.

German authorities, working with Microsoft, had taken control of the bulk of the network, so that information sent from infected computers was rerouted to safe police servers instead, a process known as "sinkholing."

Information was sent to the sinkhole from more than 2 million unique internet addresses in the first 48 hours after the operation began on Nov. 29, Europol said.

Owners of infected computers are unlikely to even know or take action. More than 55 percent of computers found to be infected in a previous operation a year ago are still infected, Europol said.

Information about the operation has been gradually released by Europol, the U.S. Federal Bureau of Investigation and Belarus's Investigative Committee over the past two days.

(Reporting by Toby Sterling; Editing by Keith Weir)

Neuer Inhalt

Horizontal Line


subscription form

Form for signing up for free newsletter.

Sign up for our free newsletters and get the top stories delivered to your inbox.







Click here to see more newsletters

WEF 2018

WEF Teaser 2018

Podcast

Reuters