The domain for a botnet called Beebone has been seized by Europol, in collaboration with Dutch authorities, the U.S. FBI and private security companies.



The police action also included the creation of a sinkhole operation that involved redirecting domains used by the botnet’s command-and-control servers to a server controlled by security companies.

The sinkhole allows for authorities to identify victims so that their ISP's can warn the victims and allow for removal of the malware.

It is not clear how pervasive the botnet was, but initial figures indicate around 12,000 victims. Since the beginning of the year, Symantec has detected about 30,000 attempted infections by Beebone a month.

The Beebone malware, also known as Changeup, is a polymorphic worm that has been around since 2009. It is particularly dangerous because it is used as a platform to distribute additional malware.

Europol’s deputy director of operations, Wil van Gemert,said: “We will continue our efforts to take down botnets and disrupt the core infrastructures used by cybercriminals to carry out a variety of crimes. Together with the EU member states and partners around the globe, our aim is to protect people worldwide against these criminal activities.”

Symantec offers a free tool that can detect and clean Beebone/Changeup infections.

Source: PCWorld