Global fraud rings are nothing new. With the rise of deep web activity, criminals have created platforms to communicate and collaborate on a global scale. Avalanche, one of the largest global fraud rings in the world, has now been dismantled. This is a major boon for law enforcement agencies, although the threat is far from over.
The Avalanche global fraud ring has been a thorn in the side of police officials for quite some time now. The project served as a distributed cloud hosting network, which was often rented out to fraudsters. In fact, Avalanche has been used for over seven years and contributed to multiple malware and phishing attacks all over the world.
Europol and law enforcement agencies worked together for four years to bring Avalanche to an end. Five individuals were arrested on November 30, and a total of 39 web servers have been seized and shut down. Moreover, the global fraud ring scheme spanned 830,000 domain names, which have been put out of business as well.
Avalanche is Just One of Many Global Fraud Rings
This crime-as-a-service business model has seen its fair share of success in the past few years. Scammers, spammers, carders, and phishers all made use of this infrastructure at some point. In fact, one could argue Avalanche is one of the pillars of global cybercrime. Moreover, the service is responsible for major e-commerce and bank credential thefts over the years. Several banking Trojans have been deployed through this infrastructure as well.
The UK National Crime Agency explained the situation as follows:
“Cyber criminals rented the servers and through them launched and managed digital fraud campaigns, sending emails in bulk to infect computers with malware, ransomware and other malicious software that would steal users’ bank details and other personal data. At its peak 17 different types of malware were hosted by the network, including major strains with names such as goznym, urlzone, pandabanker and loosemailsniffer. At least 500,000 computers around the world were infected and controlled by the Avalanche system on any given day.”
Do not be mistaken in thinking this global fraud ring was decentralized by any means. Its creators made sure servers were located all over the world, but that is not the same thing as decentralization. Instead, the fast-flux hosting method allows botnets to hide delivery sites behind a constantly changing network of compromised services.
For the time being, it is unclear if the Avalanche global fraud ring enabled Bitcoin scam sites as well. Given the sheer number of malicious cryptocurrency investing sites, it is not unlikely that similar services are used by criminals. Global fraud rings are a significant threat to our society, and the shutdown of Avalanche is a major victory. However, that does not mean cybercrime threats will subside all of a sudden.