A mammoth cybercrime network known as Avalanche has been shut down, following a four-year investigation by German police and a coordinated strike by Europol, the FBI and agencies in many other countries. With a name like a Bond movie title, Avalanche was a sprawling cloud-based network that cybercriminals could rent, using it to distribute malware and ransomware, run phishing campaigns and launder extorted or stolen money.
It was particularly popular due to its anonymity, evading takedowns and the feds by using what’s called a double fast flux technique. Almost as impressive as the scale of the network were the lengths taken to protect it. It relied on thousands of new domain names being generated every day, with each one changing both IP address and DNS server every five minutes.
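
An added example, not part of the original article: one way a defender could flag the double fast flux pattern described above (both the address and the name server of a domain changing every five minutes) in passive DNS data. All domains, addresses, thresholds and function names below are constructed assumptions.

```python
from collections import defaultdict

def rotations(snapshots, max_interval):
    """Count snapshots that introduce a never-before-seen value within
    max_interval seconds of the previous snapshot."""
    times = sorted(snapshots)
    if not times:
        return 0
    seen, count = set(snapshots[times[0]]), 0
    for prev, cur in zip(times, times[1:]):
        # A fixed round-robin pool stops producing fresh values; flux does not.
        if snapshots[cur] - seen and cur - prev <= max_interval:
            count += 1
        seen |= snapshots[cur]
    return count

def classify_flux(observations, max_interval=300, min_rotations=3):
    """observations: iterable of (unix_time, domain, rtype, value)."""
    per_domain = defaultdict(lambda: defaultdict(lambda: defaultdict(set)))
    for ts, domain, rtype, value in observations:
        per_domain[domain][rtype][ts].add(value)
    verdicts = {}
    for domain, by_type in per_domain.items():
        a_flux = rotations(by_type.get("A", {}), max_interval) >= min_rotations
        ns_flux = rotations(by_type.get("NS", {}), max_interval) >= min_rotations
        # Double flux needs BOTH the A set and the NS set to keep rotating.
        verdicts[domain] = ("double-flux" if a_flux and ns_flux
                            else "single-flux" if a_flux else "stable")
    return verdicts

def sample_observations():
    """Constructed passive-DNS data: one snapshot every 300 s, using
    documentation address ranges and made-up .example names."""
    obs = []
    for i in range(5):
        ts = 1_000_000 + 300 * i
        obs += [(ts, "flux.example", "A", f"192.0.2.{10 + i}"),
                (ts, "flux.example", "NS", f"ns{i}.rotating.example"),
                (ts, "cdn.example", "A", f"198.51.100.{20 + i}"),
                (ts, "cdn.example", "NS", "ns1.cdn.example"),
                (ts, "static.example", "A", "203.0.113.5"),
                (ts, "static.example", "NS", "ns1.static.example"),
                (ts, "pool.example", "A", f"203.0.113.{30 + i % 2}")]
    return obs

if __name__ == "__main__":
    for domain, verdict in sorted(classify_flux(sample_observations()).items()):
        print(f"{domain:16} {verdict}")
```

Rotating A records alone also show up on legitimate load-balanced or CDN-hosted domains, so the name-server rotation is the stronger signal here.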