The 3rd of December 2015 saw Europol’s European Cybercrime Centre (EC3) and Joint Cybercrime Action Taskforce (J-CAT), alongside other enforcement agencies, partnered with Microsoft and other members of the private sector disrupt one of the most widespread malware families – Win 32 / Dorkbot. Since its discovery in 2011, this malicious software has infected over a million computers in 190 countries.
Commonly spread via USB flash drives, instant messaging programmes and social networks, Dorkbot causes damage by opening a backdoor on the infected computer, allowing for remote access and potentially turning it into a botnet. The Dorkbot worm gained publicity in late 2011 for an attack on a leading social media’s chat system, with users receiving a message with a bogus link that appeared to come from one of their friends on this platform. Investigators are in the process of determining the number of victims around the world that have been impacted by this botnet.
Wil van Gemert, Europol’s Deputy Director Operations, said: “Botnets like Dorkbot have victimised users worldwide, which is why a global law enforcement team approach working with the private sector is so important. Europol is pleased to join forces with its law enforcement and private sector partners to defeat malicious botnets that have the potential to impact millions of victims.”