Malware has become an unavoidable menace in this digital age, and it seems like the good guys are always on the receiving end when it comes to the losses. But the cybersecurity firm Avast and the French Police have together pulled off a rare win over the bad guys, managing to neutralize 850,000 infections of the Retadup malware.
Retadup is a worm that has been infecting Windows systems all over Latin America. It is capable of spreading itself and installing additional malware payloads on infected machines. Its primary aim seems to be mining cryptocurrency. In some cases, Retadup has been seen to distribute the Stop ransomware and the Arkei password stealer.
Avast shared its knowledge of the worm with the French Cybercrime Fighting Center (C3N) and proposed a technique to “disinfect Retadup’s victims.” The C3N took the recommendations and was able to take over the malicious command and control (C&C) server. The C3N replaced it with a disinfection server, which responded to incoming bot requests in a way that caused the connected pieces of malware to self-destruct.
The collaboration between the two cybersecurity organizations came about because of the large presence of Retadup’s C&C infrastructure in France.