Yes, Even Cybercriminals Can Make Slipups and Enable Law Enforcement Crackdown

Crackdown on bad actors

• Indonesian police arrested GetBilling hackers, a subgroup of the Magecart group, infected over 200 retail websites. The regulators, along with Group-IB researchers, tracked the GetBilling script before they planned to take over them.
• In a coordinated takedown effort, Microsoft disrupted the operations of Necurs botnet that infected more than nine million computers worldwide. This was possible after researchers broke the Necurs DGA - the botnet's domain generation algorithm, the component that generates random domain names.
• ESET experts managed to sinkhole several C2 servers of the VictoryGate botnet that was responsible for infecting about 35,000 devices worldwide.
• Europol arrested hackers belonging to the Infinity Black hacking group for selling stolen user credentials and hacking tools. The crew was tracked after Swiss authorities gained access to a database containing a large number of accounts belonging to Swiss users.

What experts say

• Dan Dahlberg, BitSight’s head of security research, highlighted that the best way to prevent the progress of botnets or malware is to seize their C2 servers.
• For security organizations, honeypots continue to be an effective way to lure cybercriminals in and find out more about their tactics and techniques.

Conclusion