Ransomware Kill Chain Whacked As FBI, Secret Service, Europol Attack

Operation Endgame strikes the ransomware access brokers.
The ransomware threat suffered a serious, if not fatal, injury this week as multiple law enforcement actions took aim at the global criminal enterprise. Microsoft led the way in taking down large parts of the infrastructure behind the Lumma Stealer network behind the capture and sharing of compromised credentials. This comes after one leading ransomware group, LockBit, was itself hacked. Now Europol, with help from both the Federal Bureau of Investigation and the U.S. Secret Service, has hit at the very heart of the ransomware kill chain by targeting initial access operators. Here's everything you need to know about the latest Operation Endgame success.
'Cybercriminals around the world have suffered a major disruption,' Europol stated after confirming the latest stage of Operation Endgame, which has significantly impacted the ability of ransomware groups, or more accurately, their affiliates, to execute their malicious attacks. By dismantling the infrastructure used by seven of the leading initial access malware operators, Operation Endgame hopes to strike a blow against the tools that are used to launch most ransomware attacks.
Working alongside the FBI, Secret Service and the Department of Justice in the U.S., as well as other global law enforcement agencies, Europol said in a May 23 statement that it had taken down 300 servers, negated 650 domains and issued international arrest warrants against 20 cybercriminals.
Initial access malware is used to do what it says on the tin: gain initial access to systems and networks in order for ransomware affiliates to be able to then compromise the target and infect it with the ransomware malware itself. While there is a booming industry of initial access brokers, who sell ready-made packages to such affiliates, the availability of such software on a cybercrime-as-a-service basis has seen many bypass the broker and save a bit of money by doing it themselves. Operation Endgame targeted seven of these initial access malware operations, namely:
'By disabling these entry points,' Europol said, 'investigators have struck at the very start of the cyberattack chain, damaging the entire cybercrime-as-a-service ecosystem.' All seven of the malware operations were successfully neutralised by the strikes.
Selena Larson, a staff threat researcher at Proofpoint, which was also involved in the actions, told me that 'the disruption of DanaBot, as part of the ongoing Operation Endgame effort, is a fantastic win for defenders, and will have an impact on the cybercriminal threat landscape.' Not least, it will likely cause a rethink in tactics by imposing a cost on them in terms of legal jeopardy. 'After last year's Operation Endgame disruption,' Larson concluded, 'the initial access malware associated with the disruption, as well as actors who used the malware, largely disappeared from the email threat landscape.' Let's hope the same happens now and the ransomware threatscape shrinks as a result.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Chicago Tribune

6 hours ago

• Chicago Tribune

Former EPA administrator, activists react to 'One Big Beautiful Bill'

As President Donald Trump touts a bill currently making its way through Congress as a win for the public, a former regional Environmental Protection Agency administrator is prepared to see devastating cuts to the office that could negatively impact human health. 'It's proposing severe cuts to both the scientific work that EPA's Office of Research and Development does and to the agency as a whole,' said Debra Shore, former administrator for EPA Region 5. 'It would severely reduce the agency's ability to fulfill its mission of protecting public health and the environment.' As the 'One Big Beautiful Bill' Act has passed the U.S. House of Representatives and moved to the Senate, activists nationwide have worried about the consequences. Shore said it's heartbreaking to see public servants at the EPA go through these cuts, especially as the administration tries to make the 'One Big Beautiful Bill' seem like a win. 'I have never worked with a group of such smart, devoted professionals who had a shared sense of mission as EPA employees,' Shore said. 'I know that's the case across the agency. … They could be working for far higher salaries in many cases, but they are dedicated to the foundational mission of the EPA, which is to protect public health and the environment.' On Tuesday and Wednesday, the EPA posted on Facebook, saying it 'delivers for all Americans.' 'One Big Beautiful Bill is putting American workers, taxpayers and families first,' the EPA's Tuesday post said. 'Under (Trump), the U.S. can unleash American energy while ensuring we have the cleanest air, land and water on (Earth).' The bill eliminates hundreds of billions of dollars in Green New Deal tax credits, repeals former President Joe Biden administration's electric vehicle mandates, and opens federal lands and waters to oil, gas, coal, geothermal and mineral leasing, according to the EPA's Tuesday post. According to the Wednesday post, the bill also 'streamlines onerous permitting processes,' refills the Strategic Petroleum reserve and 'delivers certainty to energy producers, saves and creates energy jobs, lowers energy costs for families.' A spokesperson for Sen. Todd Young, R-Indiana, provided a statement about the bill Friday. 'Senator Young continues to have conversations with his colleagues and stakeholders about improving the House-passed bill and addressing our nation's debt and deficit challenges,' said Leah Selk, spokesperson for Young. Representatives for Sen. Jim Banks, R-Indiana, did not respond to a request for comment Friday. Within the bill, the White House would also have the ability to cut federal agencies and reduce workforce, Shore said. 'This is just an utter abrogation of Congress' authority and power,' Shore said. 'It requires an annual report of planned reorganizational moves, and it also streamlines the ability of any future president to rebuild federal agencies because of some of the language in it.' Susan Thomas, director of policy and press for Just Transition Northwest Indiana, said it's concerning that EPA is treating the 'One Big Beautiful Bill' like a win, especially on social media platforms that are easily accessible. 'No one can take any information for granted anymore,' Thomas said. 'You must do your own research with trusted sources because the amount of greenwashing that's coming down is so dangerous. … This is becoming increasingly difficult, but it's more important than ever.' Thomas and Gary Advocates for Responsible Development board member Carolyn McCrady are both worried about the effects that environmental justice communities will face if the bill passes the Senate. McCrady expects public health to worsen as a result of EPA rollbacks. An October report from Industrious Labs found that most residents in Gary are in the top 10% of U.S. residents most at-risk for developing asthma and at-risk of low life expectancy. In 2020, Indiana had a lung cancer rate of 72.5 per 100,000 people, with Lake County as one of the state's counties with the highest cancer mortality rates, according to the American Lung Association. A 2016 JAMA Network report also found Gary as one of the top five U.S. cities with the lowest life expectancy at one point. 'I think people are going to be sicker faster,' McCrady said. 'I don't think people will be able to be served in the medical community in the same way, because in Indiana, millions of people are going to lose their health insurance because of the Medicaid cuts.' Although McCrady believes the EPA cuts are devastating, she isn't surprised to see them included in 'One Big Beautiful Bill.' Cuts will continue to put communities like Gary at a greater disadvantage, McCrady said. Thomas also believes that Northwest Indiana's environmental justice communities will struggle as a result of the 'One Big Beautiful Bill.' 'They've already stripped away all of the environmental justice provisions that had taken years to recognize and acknowledge and to start to put in place,' Thomas said. 'This is just a very sad state that we're in.'

Yahoo

10 hours ago

• Yahoo

South Korea's chief trade negotiator plans US visit June 22-27

SEOUL (Reuters) -South Korea's trade minister Yeo Han-koo will visit the United States from June 22 to 27, the trade ministry said on Saturday. The visit will include discussions with U.S. Trade Representative Jamieson Greer and the third round of bilateral technical discussions, a ministry official told Reuters. Further details about the meetings were not disclosed. "Since a South Korea-U.S. summit has yet to take place and key ministers have not been appointed under the new administration, negotiations are likely to focus on areas that the trade ministry can manage - excluding major issues such as defense cost - sharing and exchange rates," Heo Yoon, an economics professor at Sogang University, said. "Given these circumstances, reaching a comprehensive agreement on key negotiation frameworks and agendas is expected to be challenging." South Korea, which is currently facing a 10% blanket tariff and a 25% country-specific duty temporarily paused for 90 days, agreed with the U.S. during initial trade negotiations in late April to craft a trade deal reducing tariffs by July 8. Asia's fourth-largest economy unexpectedly contracted in the first quarter amid U.S. President Donald Trump's sweeping tariffs and domestic political unrest following former President Yoon Suk Yeol's martial law decree in December.

Yahoo

11 hours ago

• Yahoo

Canadians snapped up U.S. debt in April despite Trump's tariffs, but the bond selloff tanked its value

April's massive bond selloff didn't stop Canadians from buying Treasuries, but it weighed heavily on the value of their holdings. Higher interest rates in the U.S., where the Federal Reserve has been much more patient to cut interest rates than other central banks, have likely spurred demand. Canadians have been ditching all-things American after having enough of U.S. President Donald Trump's threats about tariffs and making their country the '51st state.' Boycotts of U.S. products from whiskey to dog food to Teslas—and a huge pullback in travel across the border—haven't stopped Canadian investors from buying Uncle Sam's debt, though. Trump's chaotic tariff rollout in April marked the high point of the 'Sell America' trade as stocks, bonds, and the dollar all sank. But despite the turmoil in fixed-income markets, Canadians purchased a net $9.2 billion of U.S. government bonds in April, the biggest monthly surge since November 2023. This embedded content is not available in your region. However, the value of Canada's overall holdings fell by roughly $58 billion that same month, according to the most recent data from the Treasury, by far the biggest swing for any of the top 20 foreign owners of U.S. debt. The drop likely reflects that month's massive bond selloff, which may have forced Trump to back off on his so-called reciprocal tariffs. Long-term yields, which spike when bond prices fall, have remained stubbornly elevated with the Federal Reserve—unlike other central banks around the world—patient to cut interest rates. 'You've got this gap emerging with the Fed on hold and the Bank of Canada cutting rates, along with everyone else,' Rob Haworth, a senior vice president and investment strategist at U.S. Bank, told Fortune. The Bank of Canada has slashed rates by 225 basis points over the past nine months, including 25-point cuts in January and March. The Fed, meanwhile, reduced rates by 100 points from September to December last year but has held rates steady so far in 2025. As a result, the 10-year U.S. Treasury yield was 4.38% as markets closed on Friday, while Canada's was at 3.30%. Higher interest rates in the U.S. can make Treasuries appealing to Canadians and other foreign investors, Haworth said, provided they can effectively hedge the risk presented by a weakening U.S. dollar. At the end of January, Canada's private and public sector held a combined $351 billion worth of Treasury securities. That number surged to $426 billion at the end of March before falling to $368 billion in April, the most recent data available. As Federal Reserve economists explained last year, this type of data has long been used as a gauge of foreign demand for Treasuries, particularly among the top three holders: Japan, the U.K., and China. The example of Canada, the seventh-largest owner of U.S. debt, illustrates why this approach is shortsighted, however. After all, Canadian investors bought more Treasuries in April, even as the total value of their holdings declined after revaluing the bonds at current market prices. The big drop suggests America's northern neighbor has heavy exposure to long-dated Treasury notes and bonds, which are much more volatile than short-term Treasury bills. 'Valuation changes often move in the opposite direction of net U.S. sales/purchases and are often large enough to drive overall changes in holdings,' Fed economists wrote last year. 'As such, changes in holdings alone are an unreliable measure of cross-border demand for U.S. or foreign securities.' Foreign investors account for roughly 30% of the U.S. Treasury market, according to Apollo chief economist Torsten Sløk, and their behavior is being closely monitored as the Trump administration pushes for big shifts in global trade and international finance. The U.S. borrows at much better rates than its underlying finances would normally allow, thanks to the dollar's status as the world's reserve currency and confidence that America will always pay its bills. If foreign buyers sour on U.S. Treasuries, however, that could force the Treasury to pay higher yields to bring back buyers. Such a move would put upward pressure on interest rates for mortgages, small-business loans, and other common types of borrowing throughout the economy. Foreign investors held just over $9 trillion worth of Treasuries at the end of April, down only slightly from the record set in March. The decline in the dollar this year, Haworth said, has been much more pronounced than any offloading of Treasuries. That makes sense, he added, because a slowdown in trade affects the flow of dollars first as greenbacks are used in fewer transactions. Changes in the allocation of Treasuries, often held as investments or bank reserves, happen much more slowly. 'There's probably still some fundamental pressure as we suss out where trade and tariffs end up,' he said. The Treasury data from April showed foreign private investors were net sellers of long-term U.S. debt. Government institutions like central banks and sovereign wealth funds were net buyers. More current data suggests the latter trend may have reversed in the months since, though. Holdings by these official entities in the custody of the New York Federal Reserve have declined by $48 billion since late March, prompting Bank of America credit strategists to suggest that 'cracks' in demand from these investors are now visible. Still, it doesn't seem foreigners are dumping U.S. debt just yet. Even angry Canadians. This story was originally featured on Sign in to access your portfolio