Global Operation Endgame Disrupts Amadey Botnet and Stealc Infostealer

ESET Research participated in Operation Endgame, a coordinated effort to disrupt the Amadey botnet and Stealc infostealer. This operation involved multiple organizations, including Microsoft and Europol, targeting the infrastructure used by these malware services. Amadey acts as a modular malware loader, while Stealc is an infostealer that targets sensitive data. The operation revealed high detection rates for Amadey in countries like India and Turkey, and for Stealc in the United States and Poland. ESET provided critical threat intelligence, including command and control server information and encryption keys. The disruption aims to significantly cripple the operations of these cybercriminal services. Both malware families are sold as services on darknet forums, highlighting the ongoing threat posed by malware as a service (MaaS). The operation reflects a global effort to combat cybercrime and protect users from these threats.

Key Points: • ESET contributed to disrupting the Amadey botnet and Stealc infostealer. • Operation Endgame involved collaboration with Microsoft, Europol, and other partners. • Amadey and Stealc are sold as services on darknet forums, targeting global users.