Media Coverage

Shadowserver in the news

Bank of the Underworld

The Atlantic, May 15, 2015

Liberty Reserve was like PayPal for the unbanked. Was it also a global money-laundering operation?

Is your PC a part of botnet? Check it!

Kaspersky, April 13, 2015

Many people still think that malware is a software that completely disrupts normal functioning of PCs. If your computer is working tip-top, it means it’s not infected, right? Wrong. Malware creators are not your bored cyber-cowboys anymore. The main goal of cybercriminals is not to make a cyber-badaboom just for kicks, but to earn money. In many cases this goal dictates completely opposite behaviour of malware: the best one is the least visible to users.

Europol leads takedown of Beebone botnet

SC Magazine, April 10, 2015

A joint operation by crime agencies and computer security companies has successfully taken down the Beebone botnet.

Cybersquad takes down Beebone botnet

ZDNet, April 10, 2015

The Beebone botnet, used to deliver multiple malware payloads to compromised machines, has been shut down by US and European forces. On 8 April, Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT) teamed up with Dutch law enforcement, the FBI and security firms including Intel, Kaspersky and Shadowserver to disrupt the botnet under the Joint Cybercrime Action Taskforce umbrella.

Takedown Stops Polymorphic Botnet

McAfee, April 9, 2015

The botnet takedown, known as Operation Source, was led by Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT). Most EU member states and law enforcement partners around the world coordinated in the action. The Dutch High Tech Crime Unit led the J-CAT effort. The U.S. Federal Bureau of Investigation provided valuable support.

Principles of Malware Sinkholing

Dark Reading, April 6, 2015

The process of sinkholing is an important tool to have in your arsenal when dealing with emerging threats.

Law enforcement nationwide helping people and businesses to guard against cyber crime

NPCC, March 2, 2015

The NCA and police, together with a range of partners from across industry and the public sector, are this week carrying out a range of activity to help businesses and members of the public guard against cyber crime. The NCA has developed customised intelligence reports for internet hosting companies and service providers, acting on data provided by CERT-UK (The UK’s Computer Emergency Response Team) and the Shadowserver Foundation.

NCA action on GameOver Zeus and Cryptolocker

JANET/JISC, June 2, 2014

As you may now be aware, the FBI and NCA are coordinating ‘global day of action’ against the Zeus-P2p and Cryptolocker families of malware. Law enforcement and industry partners will be collaborating to interrupt infrastructure vital to the malware’s operation and to raise public awareness of these threats. As part of this effort the Janet resolver service is directing domains generated by these two botnets to a sinkhole service run by one of our long term partners – Shadowserver.

U.S. Leads Multi-National Action Against GameOver Zeus Botnet and Cryptolocker Ransomware, Charges Botnet Administrator

FBI, June 2, 2014

WASHINGTON, D.C.—The Justice Department today announced a multi-national effort to disrupt the GameOver Zeus botnet—a global network of infected victim computers used by cyber criminals to steal millions of dollars from businesses and consumers—and unsealed criminal charges in Pittsburgh, Pennsylvania, and Omaha, Nebraska, against an administrator of the botnet. In a separate action, U.S. and foreign law enforcement officials worked together to seize computer servers central to the malicious software, or malware, known as Cryptolocker, a form of ransomware that encrypts the files on victims’ computers until they pay a ransom

FBI, European Authorities Go After GameOver Zeus Botnet

ThreatPost, June 2, 2014

Law enforcement agencies in Europe and the United States, including Europol and the FBI, ran a coordinated takedown of the  GameOver Zeus botnet on Friday, seizing servers and disrupting the botnet’s operation.