
International Authorities Take Down Malware Network
A joint anti-malware operation by EU, US, and Canadian authorities took down over 300 servers, issued 20 international arrest warrants, and seized over €3.5 million in cryptocurrency. The coordinated effort happened between May 19 and May 22, according to the European Union Agency for Criminal Justice Cooperation (Eurojust).
Eurojust led the seven-country operation in conjunction with the European Union Agency for Law Enforcement Cooperation (Europol).
The action follows a May 2024 operation dubbed “Operation Endgame,” which Eurojust claims was the “largest ever operation against botnets.” Botnets are networks of compromised devices infected by malware and centrally controlled by a malicious actor. Operation Endgame included actions such as taking down botnets, arresting cybercrime suspects, and freezing illegal proceeds.
The operation disrupted “initial access malware,” which gives malicious actors a foothold on a computer or device so they can later install other kinds of malware, such as infostealers, spyware, and ransomware, on the victim’s device. This initial access malware usually arrives as infected Word or PDF files sent to users as email attachments.
Initial access malware targeted by Operation Endgame (also referred to as “droppers”) included widely used families such as IcedID, Pikabot, Smokeloader, Bumblebee, and Trickbot. The operation that took place in early May, called Endgame 2.0, targeted the successors to the programs disrupted in 2024.
The total amount of funds seized since 2024 exceeds €21.2 million. Eighteen suspects identified by German authorities are expected to be added to the EU’s most wanted list by May 30.
“As these variants are at the beginning of the cyberattack chain, disrupting them damages the entire ‘cybercrime as a service’ ecosystem,” writes Eurojust in its May 23 press release.
“This new phase demonstrates law enforcement’s ability to adapt and strike again, even as cybercriminals retool and reorganise. By disrupting the services criminals rely on to deploy ransomware, we are breaking the kill chain at its source,” said Catherine De Bolle, Europol’s Executive Director.
Operation Endgame will continue its efforts for the foreseeable future, publishing progress updates on its dedicated website.
Targeting initial access malware is a crucial step in preventing data leaks, spyware attacks, and other follow-on intrusions at a time when cybercrime is increasing. In late May, a suspected infostealer data breach exposed over 182 million logins and passwords.