By Julie Grant


PITTSBURGH (KDKA) – An international criminal cyber network is destroyed in an operation so massive forty countries were involved.

The U.S. Attorney’s Office in Western Pennsylvania was one of the leading agencies in the effort.

German officials reached out to federal officials in western PA for help in this massive case because of their will and expertise with cyber takedowns.  Federal officials said the ‘Avalanche’ network was used in malware attacks all over the world by using ransomware and banking Trojans to facilitate money laundering and money mule schemes.

“If ‘Avalanche’ was the bridge that allowed malware to proliferate throughout the world, through this operation, we seized control of the bridge and imploded it,” said Soo Song, Acting U.S. Attorney in the Western District of Pennsylvania.

Join The Conversation On The KDKA Facebook Page
Stay Up To Date, Follow KDKA On Twitter

In the course of the cyber takedown officials found 250,000 infected computers in 189 countries with an estimated 20,000 infected computers in the U.S.  Over five people have been arrested outside of the U.S.  Officials Estimate hundreds of millions in money losses worldwide.

“The takedown of ‘Avalanche’ was unprecedented in scope, scale, reach and the level of cooperation among 40 countries,” said Song.

While specific identities are not being released, there are three known victims in Western PA, including an Allegheny County government office hit by a ransomware attack, and businesses in New Castle and Carnegie that were attacked with banking trojans.  Many computer infections took place on the east coast of the U.S. and in Europe, but officials said the heaviest concentration took place in Japan.

“This is the first time we have aimed to and achieved the destruction of a criminal cyber infrastructure while disrupting all of the malware systems that relied upon it to do harm,” said Song. Robert Johnson, FBI Special Agent in Charge, Pittsburgh Division said, “I would like to send a message out to the public, specifically those individuals that continue to conduct these cyber crimes. We look forward to seeing your names on future indictments.”

Officials recommend you check your computer to make sure it’s not already infected. They set up a special website for this, with links to scan your computer.