Publications
Worldwide investigation against cyber crime crowned by success
News IT & Internet policy 30 May 2024
Together with international partner agencies, the Federal Criminal Police Office (BKA) has staged operation "Endgame", delivering the hardest blow to date against malware groups
In a joint international operation on 28 and 29 May 2024, the Central Office for the Fight against Cyber Crime (ZIT) at the Frankfurt (Main) Public Prosecutor General’s Office and the Federal Criminal Police Office, together with law enforcement agencies in the Netherlands, France, Denmark, the United Kingdom, Austria and the United States and with support from Europol and Eurojust, took down some of the most powerful malware families.
quote:
“This major success in the fight against online crime shows that even on the internet, criminals cannot feels safe.”
Federal Minister of the Interior Nancy Faeser
On the basis of international legal assistance, law enforcement authorities from Portugal, Ukraine, Switzerland, Lithuania, Romania, Bulgaria and Armenia were also involved in the operation
100 servers seized, 1,300 domains bocked and 10 arrest warrants issued
Operation "Endgame" was aimed at combating global cyber crime in the long term, focusing especially on the technical and financial infrastructures used by criminals and taking concerted action against members of several criminal groups that partly cooperated with each other. This way, the law enforcement agencies managed to take down several malware families simultaneously.
Seizure Banner Operation Endgame (Larger version opens in new window)
Source: BKA
Across the world, 100 servers were seized, 1,300 domains used for criminal purposes were blocked, 10 international arrest warrants were issued and four individuals were temporarily detained. Eight arrest warrants were issued in Germany alone.
Furthermore, an order for the seizure of assets totalling 69 million euros was issued against an identified operator and administrator, and 99 crypto wallets with a current total volume of more than 70 million euros were blocked at various cryptocurrency exchanges.
All in all, 16 premises were searched in Armenia, the Netherlands, Portugal and Ukraine, resulting in the seizure of an abundant amount of evidence.
"With today’s police operation we have dismantled the infrastructure that has been used by criminals around the globe to launch massive ransomware attacks to steal and encrypt data with a view to blackmailing the victims,"
Federal Minister of the Interior Nancy Faeser said. The Minister added that ransomware attacks were causing massive economic damage to Germany and that the extent of the investigation’s success had shown "that we are striking back hard and that the dimensions of this type of crime are huge."
The investigations focused on ransomware
The current investigations were primarily targeted at the groups behind the six malware families IcedID, SystemBC, Bumblebee, Smokeloader, Pikabot and Trickbot, which were connected to at least 15 ransomware groups as "droppers"