In a decisive strike against cybercriminal activity, Europol has frozen more than €41 million ($47 million) in illicitly obtained cryptocurrency assets. The move marks the culmination of Operation Endgame, an international effort spanning two weeks and aimed at dismantling cybercriminal networks that attack digital wallets using malicious software.
Malware Networks Taken Down
Europol’s operation succeeded in crippling the core systems of three infamous malware families: SocGholish, Amadey, and StealC. These tools have been used extensively to steal login details and crypto wallet data, which in turn fuel fraud, account hijackings, and global ransomware attacks.
Europol noted that during the operation’s final phase, over €41 million in crime-tied digital currencies were identified and frozen.
Amadey was noted to provide the initial breach, paving the way for the installation of further malware. SocGholish, associated with the Russian gang Evil Corp, spreads through deceptive browser update alerts on hacked sites. Typically, these malware families start attack sequences that lead to wallet theft or ransomware deployment.
What Were the Key Achievements?
Joint law enforcement action took down 326 servers and neutralized 142 domain names. Investigators recovered approximately 27 million stolen credentials from more than 385,000 breached systems. In addition, about 15,000 infected sites, primarily owned by small businesses, were cleaned up.
Microsoft revealed that over 140,000 devices were affected by Amadey and StealC malware shortly after the operation started. Its Digital Crimes Unit confirmed the takedown of five Cybercrime-as-a-Service groups in the past nine months.
Are Crypto Wallets Under Threat?
Indeed, infostealer malware has emerged as a prominent threat to cryptocurrency wallets. These tools can quietly steal wallet files, keys, and recovery phrases from affected devices. The spread methods have included fake AI applications, gaming themes, and hacked gaming plugins.
Microsoft indicated that although Amadey and StealC were developed by separate entities, they shared infrastructure, which allowed law enforcement to target both simultaneously.
Earlier phases of Operation Endgame uncovered that login details for over 100,000 crypto wallets had been compromised but remained dormant. Current operations aimed at disabling attackers’ networks have already detected over 18,000 victim machines.
Authorities caution that such actions, while impactful, cannot fully eradicate malware threats, as cybercriminals tend to evolve and persist. A new StealC version was reported just this month. Europol encourages potential victims to use platforms like Have I Been Pwned to find out whether their credentials have been compromised and to take the necessary precautions.


















