Intel Security swats Beebone botnet with FBI's help

Worm-like threat

Intel Security has buddied up with the FBI and Europol to bring down a notorious botnet with a sting in its tail.

The polymorphic Beebone botnet, which at its peak in 2014 infected over 100,000 machines in 195 countries, was taken down using tools developed by Intel alongside the FBI, Europol's European Cybercrime Centre, Dutch authorities and various private sector agencies.

"Intel Security is aware of more than five million unique AAEH samples with more than 100,000 machines from 200 countries identified. This kind of takedown could not have happened without the cooperation between police organisations and private companies," said Raj Samani, EMEA CTO at Intel Security.

Intel Security first identified the threat back in March 2014, and it was only in September 2014, once it had collected sufficient data, that it approached the international cybercrime-fighting community for help.

Beebone was dangerous because it allowed other malware to be downloaded to target machines, which could include everything from banking password stealers and rootkits to fake antivirus software and ransomware.

100 domains downed

Beebone had a worm-like ability to infiltrate new machines by spreading across networks, removable drives and inside infected ZIP and RAR archive files. The prevention action carried out by Intel and its partners saw the complete eradication of the threat and the takedown of some 100 domains in the process.

Microsoft worked with the FBI in a similar way back in June 2014, when it lent its botnet-fighting expertise to get rid of the GameOver Zeus Trojan, which was targeting passwords and also tried to pilfer online banking details.