Recently authorities from the U.S., Germany, Belarus, and the European Union took down the Andromeda botnet and arrested its mastermind.
It’s a big deal, because the botnet had infected more than 2 million computers, and because the mastermind was arrested in Belarus, which has begun cracking down on cybercrime despite otherwise being close to Russia. Russia and some of the other former Soviet republics are notorious havens for cybercriminals.
But the botnet threat isn’t over. In fact, the threat isn’t over even from this particular botnet. Not only was the software running it available on the Black Market — so that anyone could go and set a similar botnet up — but the takedown involved just the command-and-control servers, not cleaning up all the infected machines.
According to Europol, a similar botnet called Avalanche was taken down a year ago but 55 percent of the machines that were originally infected are still infected today.