German Law Enforcement Officials Receive 2017 M3AAWG J.D. Falk Award for Initiating Global Takedown of Avalanche Malware
TORONTO, Oct. 04, 2017 (GLOBE NEWSWIRE) -- M3AAWG honored two German law enforcement officials today for their work in developing the global public/private collaboration that shutdown a massive malware offensive infecting computers in 189 countries and costing victims over $6 million in ransomware payments. Lower Saxony Chief Police Inspector Jörn Bisping and Senior Prosecutor Frank Lange received the 2017 M3AAWG J.D. Falk Award from the Messaging, Malware and Mobile Anti-Abuse Working group for spearheading worldwide efforts to dismantle the criminalized Avalanche platform.
A video accompanying this announcement is available at http://www.globenewswire.com/NewsRoom/AttachmentNg/e536b838-7da6-4b77-8a95-c5d36f2d5a62
The global cooperative efforts initiated by the German police and prosecutor's office resulted in eight arrests, 500 court orders, 37 onsite searches and 39 servers seized worldwide. Over 800,000 domains were seized, blocked or had their traffic diverted to a safe server rather than one controlled by criminals - a process known as sinkholing - making it the largest law enforcement operation to redirect malicious domains to date.
"There was unprecedented cooperation worldwide, including registries in Russia and China taking down malicious domains, and support from smaller countries with lesser-known domains. We worked out some of the processes for collaborating better, and future takedowns and activities against cybercriminals will move even faster," Bisping said in discussing the award.
A massive and complex criminal platform, Avalanche was used to deploy several attack vectors. Bots on the Avalanche network could determine if the targeted victim was accessing online banking and, if so, would plant key loggers and other malware on these systems to steal the user's login credentials. Other users would be targeted with ransomware malware. The platform also was used to recruit money laundering "mules" with a convoluted scheme to move stolen funds and ransom out of the country of origin by diverting payments between contracted sources.
In announcing the award at the M3AAWG four-day meeting in Toronto, Canada, the organization's Chairman of the Board Severin Walker said, "Global action is the only way to protect our local citizens. It's our professional responsibility to take the initiative in identifying major threats and then reach out to the international community to help confront them. Chief Inspector Bisping and Senior Prosecutor Lange did just this and millions of end-users are much safer now and have benefited from their dedication."
Five Years of Meticulously Detailed Investigation
The work behind the November 30, 2016 global Avalanche takedown started five years earlier when Bisping, with the Lower Saxony Police in Luneburg, began investigating a single cyberattack that appeared to be responsible for 200 local ransomware cases. In 2013, Lange, a senior prosecutor with the Public Prosecutor's Office in Verden, escalated the investigation to include more than 6,000 similar attacks throughout Germany. As the global scope and complexity of the Avalanche platform became known, they reached out to cybercrime experts such as the German Federal Office for Information Security (BSI) and the Fraunhofer-Institut für Kommunikation, Informationsverarbeitung und Ergonomie (FKIE), which eventually analyzed over 130 TB of captured data to identify the botnet server structure.
Lange said, "We realized through reverse engineering and other detailed analysis that Avalanche was more than just a botnet or a network running a few types of malware; it was a complete infrastructure and it would be impossible to stop without the help of other countries. By this time, we were in a position to invite the international community to work with us on three goals: to take down the servers, issue arrest warrants to those running them, and sinkhole all the families of malware we identified on the platform."
In July of 2015, German police officials asked the U.S. Federal Bureau of Investigation for assistance. This eventually led to the international takedown in late 2016 that diverted traffic headed to the known malicious domains to the collaboration team's servers and to the arrests. The investigation and the subsequent operation also involved the European police agency Europol, the European Union's Judicial Cooperation Unit or Eurojust, the U.S. Department of Justice, cybersecurity organizations such as Shadowserver, and investigators and prosecutors in more than 40 countries.
The J.D. Falk Award recognizes a significant achievement that protects end-users and the people working behind the scenes to make a better online world. The 2017 award was announced at the M3AAWG 41stGeneral Meeting in Toronto, Canada, with over 300 cybersecurity participants from around the world at the Oct. 3-5 event. M3AAWG also hosted UCENet (previously known as the London Action Plan) during the week. The M3AAWG 42nd General Meeting will be February 19-22, 2018 in San Francisco, USA.
About the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG)
The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.m3aawg.org) members represent more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.
Media Contact: Linda Marcus, APR, +1-949-887-8887, LMarcus@astra.cc, Astra Communications
M3AAWG Board of Directors: AT&T; CenturyLink; Cloudmark, Inc.; Comcast; dotmailer; Endurance International Group; Facebook; Google; LinkedIn; Mailchimp; Microsoft Corp.; Oath (Yahoo and AOL); Orange; Rackspace; Return Path; SendGrid, Inc.; Vade Secure.
M3AAWG Full Members: 1&1 Internet AG; Adobe Systems Inc.; Agora, Inc.; AOL; Campaign Monitor Pty.; Cisco Systems, Inc.; CloudFlare; Dyn; Exact Target, Inc.; IBM; iContact; Intel Security; Internet Initiative Japan (IIJ); Liberty Global; Listrak; Litmus; Mimecast; Nominum, Inc.; Oracle Marketing Cloud; OVH; PayPal; Proofpoint; Spamhaus; Sparkpost; Sprint; Symantec; and USAA.
A complete member list is available at http://www.m3aawg.org/about/roster.
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Messaging Anti-Abuse Working Group (M3AAWG) via Globenewswire
Följ NASDAQ OMX
Skriv in din e-postadress så får du ett mejl när vi har något nytt att berätta.
Senaste pressmeddelandena från NASDAQ OMX
Nasdaq Welcomes RISE Education Cayman Ltd. (Nasdaq: REDU) to The Nasdaq Stock Market20.10.2017 18:37 | Pressmeddelande
NEW YORK, Oct. 20, 2017 (GLOBE NEWSWIRE) -- RISE Education Cayman Ltd. (Nasdaq:REDU), a leader in China's junior English Language Training (ELT) market, rang the opening bell at the Nasdaq MarketSite in Times Square today in celebration of its initial public offering (IPO) on The Nasdaq Stock Market. Photos accompanying this announcement are available at http://www.globenewswire.com/NewsRoom/AttachmentNg/f59490cf-9a81-4114-92a1-05edcb3f5694 http://www.globenewswire.com/NewsRoom/AttachmentNg/5692f99d-9ed0-4be2-928d-9c94f4b152e8 RISE pioneered the "subject-based learning" teaching philosophy in China, whereby various subject matters, such as language arts, math, natural science and social science are used to teach English. RISE's course offerings use interactive courseware to create an immersive English learning environment that helps students learn to speak and think like a native speaker. In addition, their curricula are des
Concurrent Achieves Sales Milestone for Zephyr Transcode19.10.2017 15:35 | Pressmeddelande
Concurrent Customers Now Transcoding on Three Continents ATLANTA, Oct. 19, 2017 (GLOBE NEWSWIRE) -- Concurrent (NASDAQ:CCUR), a global leader in storage, protection, transformation, and delivery of visual media assets, announced today that Zephyr Transcode, which Concurrent launched last year as an integral part of its content delivery network (CDN) solutions, is now deployed with customers in Asia, Europe and North America. The deployments already support thousands of on-demand assets being transcoded to multiple formats and bit-rates to support any place, any device content availability. Zephyr Transcode supports multiple formats and quality levels including H.264 (MPEG-4) and H.265 (HEVC), strengthening Concurrent customers' capability to provide high-quality standards-based streams to any device their end-users desire. Zephyr Transcode is software-based and capable of running in traditional Central Processing Units (CPU) as well as Gra
German Armed Forces Renews Contract for Hexagon Geospatial Products19.10.2017 15:11 | Pressmeddelande
Defense agency will work closely with Hexagon Geospatial Premium Partner for next two years NORCROSS, Ga., Oct. 19, 2017 (GLOBE NEWSWIRE) -- At the HxGN LOCAL Defense Summit, a conference dedicated to defense and security in Western Europe, Hexagon Geospatial announced that the Bundeswehr Geoinformation Centre (BGIC) recently renewed a large software maintenance contract for Hexagon Geospatial products. The two-year renewal is for more than 100 licenses, mainly within the GeoMedia and ImageStation product families. The contract also includes consulting for workflow optimization. The contract was issued to Geosystems, a Hexagon Geospatial Premium Partner, which will work closely with the local subsidiary of Hexagon Safety & Infrastructure in Bonn and Munich to support BGIC. "The strong Hexagon Geospatial partner network allows our defense customers to benefit from a unique pool of expertise and tradecraft in the areas of remote sensing, GIS, and photog
Novel Preclinical Research Tools Provide Humanized Immune Response to Advance Immunotherapeutic Development, Live Webinar Hosted by Crown Bioscience19.10.2017 14:00 | Pressmeddelande
SANTA CLARA, Calif., Oct. 19, 2017 (GLOBE NEWSWIRE) -- Crown Bioscience, a wholly-owned subsidiary of Crown Bioscience International (TWSE:ticker 6554) and a global drug discovery and development services company providing translational platforms to advance oncology, inflammation, cardiovascular and metabolic disease research, announces a live webinar to be presented by Dr. Michelle Mack, Director of Global Scientific Engagement, entitled "Beyond Syngeneics - Novel Tools for Addressing Human Specificity in Immuno-Oncology." Checkpoint inhibitors like anti-PD-1, anti-PD-L1, and anti-CTLA-4 have revolutionized cancer treatment and have recently gained approval in several cancer types. Despite their potential, immunotherapies face significant development challenges due to the specificity and complexity of the human immune system upon which they act. Crown Bioscience has generated innovative research models to address these obstacles early during preclinical drug development.
Perfectus Aluminum Inc. Responds to Trade Group19.10.2017 13:00 | Pressmeddelande
ONTARIO, Calif., Oct. 19, 2017 (GLOBE NEWSWIRE) -- Perfectus Aluminum Inc. has issued the following: On October 12, 2017 the Aluminum Extruders Council (AEC), an industry group representing largely American aluminum extruders, posted to its blog a false narrative regarding a suit to which Perfectus Aluminum Inc. is a related party. The government is not "seeking unpaid duties from Perfectus for goods brought into the country." Rather, the government is attempting to use a 2017 Department of Commerce determination to assess retroactive antidumping duties on goods imported as early as 2011. It is discouraging that AEC would tout such an obviously egregious government overstep as a "victory" to their members and the industry: were it one of AEC's own members facing such an obvious violation of fair play and due process, it would rightfully argue that government overreach is a threat to manufacturers everywhere. In addition to the hypocrisy of the AEC's promotion of this case, its s
Stillfront Group AB: Stillfront one of Sweden's fastest growing companies19.10.2017 11:00 | Pressmeddelande
PRESS RELEASE October 19, 2017 Stillfront included in Deloitte Sweden Technology Fast 50 Stillfront has been included in Deloitte Sweden Technology Fast 50. Deloitte Sweden Technology Fast 50 is a ranking of Sweden's 50 fastest growing technology companies, based on revenue growth over the last four years. The ranking includes public and private companies, large and small, in all areas of technology, from internet specialists to biotech, digital media technology to life sciences, computers to semiconductors and software to telecommunications. Please find more detailed information (in Swedish) on www.deloitte.se/fast50. Stillfront has since the IPO in the autumn of 2015 recorded a continuous high and profitable growth in revenues rolling 12 months. Since the IPO, Stillfront has increased the number of so-called core products (i.e. games that have more than 5 MSEK in annual revenue rate) from four to fourteen and the number of studi
I vårt pressrum kan du läsa de senaste pressmeddelandena, få tillgång till pressmaterial och hitta kontaktinformation.Besök vårt pressrum