This blog post was written by Vincent Weafer.
On October 2 at Virus Bulletin’s VB2015 conference in Prague, Virus Bulletin Editor Martijn Grooten announced that Anand Bodke, Abhishek Karnik, Sanchit Karve, and Raj Samani from McAfee Labs have won the Péter Ször Award. The award is given annually for the best piece of technical security research published during the year.
Sanchit Karve accepts the Péter Ször Award on behalf of the coauthors.
The team won for their report Catch Me If You Can: Antics of a Polymorphic Botnet, which details the worm known as W32/Worm-AAEH, VObfus, Beebone, and other names; the botnet used to download it; and, most important, the joint public-private takedown operation that led to its demise.
In fact, it was the cooperative and collaborative nature of the investigation and takedown that was key to the success of the operation, which took place in early April. McAfee Labs and Shadowserver worked together to develop the necessary threat intelligence that became the technical basis for the takedown. Research results from that investigation can be found in the report.
The takedown, known as Operation Source, was led by Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce (J-CAT). Most EU member states and law enforcement partners around the world coordinated in the action. The High-Tech Crime Unit of the Dutch Police Services Agency led the J-CAT effort. The U.S. Federal Bureau of Investigation provided valuable support.
Operation Source clearly demonstrates the value of public-private partnerships to combat cybercrime. From the outset, the work of identifying the threat was shared with appropriate law enforcement agencies, and the analysis was shared with other security companies to maximize global remediation efforts.
Grooten noted that “Research like this helps make everyone more secure, which was also the case for the enormous amount of research the late and great Péter Ször performed. As such, these researchers are worthy winners of the second Péter Ször Award.”
I am very proud of the team’s expert analysis and the way in which they worked together with global law enforcement to take this criminal operation offline.