The U.S. Department of Justice announced Dec. 5 that the United States had collaborated with 39 other countries and several international law enforcement groups to take down Avalanche, a cybercriminal network that had operated since at least 2010. Avalanche was an intricate network of servers located around the world, which enabled cybercriminals to secretly operate criminal enterprises across international boundaries.
The operation, spearheaded by the U.S. Attorney's office for the Western District of Pennsylvania, appears to have been prompted by an investigation into spear-phishing attacks on a local government office and two private companies. The government office was the victim of unauthorized file encryption through ransomware, and the two companies and their banks were the victims of monetary theft through GozNym malware. The malware was introduced to employee computers through apparently legitimate invoices. Tracing the malware back, investigators uncovered Avalanche, which enabled users to move and launder stolen money, banking passwords and other sensitive information without detection through its many scattered servers. Investigators also learned of "money mule" schemes, in which large groups of "mules" launder money by purchasing goods with stolen money. Avalanche was advertised online to criminals on encrypted forums