Particle.news

Europol-Led Operation Endgame Disrupts Rhadamanthys, VenomRAT and Elysium in Global Takedown

Victim notifications now use seized data to trigger password resets, 2FA enrollment, and device remediation.

Overview

  • Between November 10 and 14, authorities coordinated from Europol’s Hague headquarters to dismantle infrastructure tied to the three malware services.
  • Investigators took down more than 1,025 servers and seized 20 domains as part of the action targeting the infostealer, RAT, and botnet ecosystems.
  • Europol reported hundreds of thousands of infected computers holding several million stolen credentials and access to over 100,000 cryptocurrency wallets.
  • Have I Been Pwned added data from the operation on November 13, including 2 million impacted email addresses and 7.4 million passwords.
  • Shadowserver distributed a historical infections report to 201 national CSIRTs and over 10,000 network owners to help identify compromised machines and notify victims.