One-Two Punch Delivered in Global Operation Disrupts Cybercrime "Assembly Line"
The operation disrupted 326 servers and 142 domains, and investigators identified more than $47 million in cryptocurrency linked to criminal activity.
- On Wednesday, June 24, 2026, Europol and Microsoft disrupted the Amadey and StealC malware operations as part of Operation Endgame, seizing 326 servers and 142 domains across multiple countries.
- Both Amadey and StealC operate as malware-as-a-service, with Amadey functioning as a modular loader and StealC targeting credentials and cryptocurrency wallets through affiliate-managed infrastructure.
- Investigators identified over $47 million in cryptocurrency linked to criminal activity and recovered approximately 27 million credentials stolen from over 385,000 compromised systems during the operation.
- Security vendor ESET assisted by providing technical analysis and infrastructure tracking; Europol stated the collaboration "increased friction for cybercriminals, making it harder for attacks to succeed."
- Operation Endgame previously targeted malware families including DanaBot, Bumblebee, and SmokeLoader; authorities continue monitoring both Amadey and StealC for attempts to rebuild infrastructure.
25 Articles
25 Articles
One-two punch delivered in global operation disrupts cybercrime "assembly line"
International authorities and a raft of private technology companies say they have disrupted a cybercrime “assembly line” that allowed crooks to collect millions of login credentials and steal more than $47 million in ransom payments and by other fraudulent means. The crux of the operation was the simultaneous targeting of two unrelated tools that are widely used in various online scams. The first is Amadey, a malware-as-a-service platform for c…
Microsoft uses AI to link two malware operations in racketeering suit
Microsoft, its friends, and international law enforcement - with an AI assist - disrupted two widely used pieces of malware and their infrastructure, in what Redmond describes as a novel approach to cybercrime disruption that targets the cyberattack supply chain instead of a single tool or service. “What’s new is how we’re combining AI analysis with an expanded use of that law,” Steven Masada, assistant general counsel for Microsoft’s Digital Cr…
In an internationally coordinated action, investigators have caused a serious blow to criminal actors. In order to stop some of the most used malicious programs worldwide, AI was also used.
Investigators from the European police authority Europol, the Federal Criminal Office and the US company Microsoft have successfully taken action against three malware programs.
Investigators used AI and a new US law for the first time to stop two of the most used malicious programs worldwide. How access to 18,000 victim computers was prevented.
Coverage Details
Bias Distribution
- 70% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium
