Operation Avalanche
On December 1st the United States, United Kingdom, and Europe publicly stated that they were involved in dismantling an international cyber-based crime scheme nicknamed “Avalanche”. Avalanche was a distributed cloud-hosting network that had been used for countless cyber crimes over the past seven years. Overall, Avalanche consisted of 39 web servers and 830,000 web domains. Its foundation as a criminal cloud-hosting environment attracted scammers and spammers, and it has been a major source of cybercrime for years. In 2009, when investigators say the fraud network first opened for business, Avalanche was responsible for funneling roughly two-thirds of all phishing attacks aimed at stealing usernames and passwords for bank and e-commerce sites. By 2011, Avalanche was being heavily used by crooks to deploy banking Trojans.
“At least 500,000 computers around the world were infected and controlled by the Avalanche system on any given day.”
The Avalanche network was especially resilient because it relied on a hosting method known as fast-flux, a kind of round-robin technique that lets botnets hide phishing and malware delivery sites behind an ever-changing network of compromised systems acting as proxies.
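A defender's view of the fast-flux pattern described above, as an added example that is not part of the original post: a heuristic that flags domains in passive-DNS data whose A records rotate across many unrelated networks with short TTLs. The sample records, the thresholds and the /16 grouping (a rough stand-in for network ownership) are assumptions for illustration.

```python
from collections import defaultdict
from ipaddress import ip_address
from statistics import median

# Constructed passive-DNS observations: (domain, A-record IP, TTL in seconds).
# Domains use the reserved .example TLD; RFC 1918 addresses stand in for public ones.
OBSERVATIONS = [
    ("login-update.example", "10.1.4.9", 120),
    ("login-update.example", "10.7.22.3", 60),
    ("login-update.example", "10.19.0.44", 180),
    ("login-update.example", "10.33.8.1", 120),
    ("login-update.example", "10.64.2.90", 60),
    ("login-update.example", "10.1.200.5", 120),
    # CDN-like: many IPs and short TTLs, but all inside one network.
    ("static-assets.example", "10.200.1.1", 60),
    ("static-assets.example", "10.200.1.2", 60),
    ("static-assets.example", "10.200.2.1", 60),
    ("static-assets.example", "10.200.2.2", 60),
    ("static-assets.example", "10.200.3.1", 60),
    # Ordinary site: one stable address, long TTL.
    ("intranet-wiki.example", "10.50.0.10", 86400),
]

def find_fast_flux(records, min_ips=5, min_nets=3, max_ttl=300):
    """Return {domain: metrics} for domains matching the fast-flux profile.

    A domain is flagged only when all three hold: many distinct IPs,
    spread over several /16 networks, with a short median TTL. The
    network-spread test is what keeps CDN-style round-robin out.
    """
    by_domain = defaultdict(list)
    for domain, ip, ttl in records:
        by_domain[domain.lower()].append((ip_address(ip), ttl))

    flagged = {}
    for domain, rows in by_domain.items():
        ips = {ip for ip, _ in rows}
        nets = {int(ip) >> 16 for ip in ips}  # group IPv4 addresses by /16
        med_ttl = median(ttl for _, ttl in rows)
        if len(ips) >= min_ips and len(nets) >= min_nets and med_ttl <= max_ttl:
            flagged[domain] = {"ips": len(ips), "nets": len(nets), "median_ttl": med_ttl}
    return flagged

if __name__ == "__main__":
    for name, metrics in find_fast_flux(OBSERVATIONS).items():
        print(name, metrics)
```

In practice the thresholds need tuning against local traffic, and grouping by ASN rather than /16 gives a better measure of how scattered the proxies are.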
Visualization of how Avalanche worked: