Unprecedented ‘Avalanche’ Raid Sinkholes 800,000 Domains

Owen Lystrup
Published in Shifted, Dec 1, 2016

A massive botnet named Avalanche, responsible for serving as many as 17 different variants of malware and in operation since at least 2010, has been shut down by law enforcement officials, according to a statement from the U.S. Department of Justice.

The global, interagency effort between the FBI, Europol, the U.S. Department of Justice and other agencies started November 30 and included law enforcement officials from more than 40 countries. A statement from the U.S. Department of Justice calls the takedown “unprecedented,” saying the efforts are ongoing but look to sinkhole, block or seize more than 800,000 domains deemed malicious.

The botnet, the statement goes on, involves hundreds of thousands of infected computers, and has been responsible for losses in the hundreds of millions. Arrests and searches were conducted in five different countries, and more than 50 Avalanche servers worldwide have been taken down.

Ars Technica reports that, at one point around 2009, Avalanche was responsible for two-thirds of all phishing attempts. But around 2010, this activity appeared to taper off as the botnet transitioned to other forms of attack, namely police “lockware” that charged a fee to unlock files.

The statement from the U.S. Department of Justice says more information on the takedown will be available “early next week.”

Owen Lystrup
Shifted

Digital Content Director for Western Digital.