[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Avalanche botnet takedown
- Subject: Avalanche botnet takedown
- From: anthony.kasza at gmail.com (anthony kasza)
- Date: Thu, 1 Dec 2016 12:02:50 -0700
- In-reply-to: <[email protected]>
- References: <[email protected]>
>From my understanding Avalanche wasn't a single botnet but was high
availability infrastructure used by multiple different families/operators.
On Dec 1, 2016 10:37 AM, "John Levine" <johnl at iecc.com> wrote:
> Avalanche is a large nasty botnet, which was just disabled by a large
> coordinated action by industry and law enforcement in multiple
> countries. It was a lot of work, involving among other things
> disabling or sinkholing 800,000 domain names used to control it.
> More info here:
> As both items point out, if your users are infected with Avalance,
> they're still infected, but now if you disinfect them, they won't get
> reinfected. At least not with that particular flavor of malware.