Following Operation Endgame, law enforcement agencies have intensified efforts to target Smokeloader botnet customers. These customers, who used the botnet for various malicious activities, faced consequences such as arrests and interrogations. The Smokeloader botnet, operated by a threat actor known as “Superstar,” allowed cybercriminals to access victim machines in exchange for a fee. During Operation Endgame, authorities seized a critical database containing the identities of these cybercriminals, which helped investigators track down individuals linked to the botnet.
Europol confirmed that the investigation has led to the identification of several individuals involved in the criminal activities. These individuals were tracked using their online aliases, which were connected to real-world identities through digital evidence. While some suspects have cooperated with authorities, others remain at large, and warrants have been issued for their arrest. The operation has revealed that the botnet’s customers were involved in deploying ransomware, keyloggers, cryptominers, and other harmful payloads for profit.
The follow-up investigation targeted not only the operators of Smokeloader but also the demand side of the malware-as-a-service ecosystem. Customers who resold access to the botnet at inflated prices have been identified and added to the investigation. Europol has set up a dedicated website to provide updates and allow the public to report any additional information. This platform is also available in Russian to encourage global cooperation in the fight against cybercrime.
Operation Endgame, which continues to unfold, demonstrates the effectiveness of international collaboration among law enforcement agencies. Agencies such as the FBI, RCMP, and Europol have worked together to share intelligence, conduct forensics, and plan coordinated actions. The success of the operation sends a clear message that cybercriminals, even those operating anonymously, will be held accountable for their actions. The operation’s long-term impact on the cybercrime landscape remains to be seen, as authorities continue to pursue justice.