Blog        Forum        Spam        Check & Secure                      
Articles > Botnet taken down through international law enforcement cooperation

Botnet taken down through international law enforcement cooperation

On 24 February, Europol's European Cybercrime Centre (EC3) coordinated a joint international operation from its operational centre in The Hague, which targeted the Ramnit botnet that had infected 3.2 million computers all around the world. The operation involved investigators from Germany, Italy, the Netherlands, and the United Kingdom – who led the operation – along with partners from private industry.

This botnet – a term used to describe a network of infected computers - was used by the criminals running it to gain remote access and control of the infected computers, enabling them to steal personal and banking information, namely passwords, and disable antivirus protection. This malware, infecting users running Windows operating systems, explored different infection vectors such as links contained in spam emails or by visiting infected websites.

Representatives from the various countries, Microsoft, Symantec and AnubisNetworks worked together with Europol officials to shut down command and control servers and to redirect 300 Internet domain addresses used by the botnet's operators. The Joint Cybercrime Action Taskforce* (J-CAT), located at Europol's headquarters, supported the operation. CERT-EU (Computer Emergency Response Team for the EU institutions, bodies and agencies) participated in this operation, relaying information on the victims to their peers, for risk mitigation purposes.

Europol Deputy Director Operations, Wil van Gemert, says: "This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime. We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes. Together with the EU Member States and partners around the globe, our aim is to protect people around the world against these criminal activities."

Microsoft and Symantec have released a remedy to clean and restore infected computers' defences.  For those who fear their computer may have been infected, EC3 recommends downloading specialist disinfection software. For further information please visit or

A remedy to clean and restore infected computers' defences is also EU-Cleaner, available on Anti-Botnet Advisory Center’s website (

The J-CAT was created to serve as a platform for targeted operations against global criminal networks and infrastructure, carried out by EC3 and our colleagues in EU Member States and beyond.

Regarding the security of your computer please consider the following basic rules:

  1. Check your computer for infection.
  2. Install current Service Packs and Security Updates for your system. Activate automatic updates.
  3. Check your internet browser and the embedded plugins (e.g. Java, Flash, Shockwave, Quicktime) regularly for Actuality.
  4. Install a virus scanner and update it regularly.
  5. Use a Firewall e.g. Windows built-in Firewall or a Router.

Good to know

Find out what botnets are, the damage they cause, and how they threaten the data on your computer.

Here you can find small programs and tutorials which enable you to remove a botnet infection from your computer.

In this section you will find many tips on how to protect your computer from infection.

Copyright © 2014-2015 CERT-RO. All rights reserved.