French police, with the help of Avast, hacked a cryptocurrency-mining botnet that involved 850,000 computers and forced it to self-destruct, TechCrunch reported recently.
Antivirus software was not installed on the affected computers, which ran Windows 7. As a result, the Retadup virus hijacked them and was able to activate other viruses and spread to other computers via flash drives. The virus was detected on computers around the world, including Eastern Europe, Asia, and Russia, but mostly in Latin America.
Avast specialists discovered the infecting Retadup server in France. Retadup was also used by cybercriminals to mine cryptocurrency. To destroy the botnet, the company turned to the French police for help. In July this year, local prosecutors approved the operation, in which law enforcement agencies replaced the hackers' server with their own; this led to the self-destruction of the virus on infected computers.
French police have described this botnet as "one of the largest networks" of infected computers in the world. Jean-Dominique Nollet, head of the French police's cybercrime department, says that the creators of Retadup have been earning several million euros annually since 2016. However, destroying the botnet does not stop the intruders, as they can recreate the infecting server at any time. Police are continuing to search for the perpetrators.
Remotely disabling a malicious botnet is a rare achievement, and it is challenging to implement.