1 Dec
2016
1 Dec
'16
12:34 p.m.
Avalanche is a large nasty botnet, which was just disabled by a large coordinated action by industry and law enforcement in multiple countries. It was a lot of work, involving among other things disabling or sinkholing 800,000 domain names used to control it. More info here: https://www.europol.europa.eu/newsroom/news/%E2%80%98avalanche%E2%80%99-netw... http://blog.shadowserver.org/2016/12/01/avalanche/ As both items point out, if your users are infected with Avalance, they're still infected, but now if you disinfect them, they won't get reinfected. At least not with that particular flavor of malware. R's, John