The Retadup botnet was first detected back in 2017 as the botnet was growing and taking over vulnerable networks quickly. However, the Retadup botnet was finally shut down after cybersecurity researchers and the law-enforcement authorities in France managed to locate the C&C (Command & Control) servers of the botnet and seized the equipment. At its peak, the Retadup botnet boasted over 850,000 compromised devices that were used for mining cryptocurrency and for launching DDoS (Distributed-Denial-of-Service) attacks.
The Retadup malware has an impressive list of capabilities. It can:
- Collect data from the compromised host and send it to the C&C servers of the attackers.
- Self-replicate to further propagate itself.
- Plant a cryptomining module, which mines for the Monero cryptocurrency.
Once the French authorities took over the servers of the Retadup botnet, they discovered mere $4,500 generated on the Monero wallets of the cyber crooks. However, it is likely that this is just a tiny fraction of the cash that the cybercriminals responsible for the Retadup botnet have collected. When the authorities took over the operation, they sent a kill-switch command to all the 850,000 active copies of the Retadup malware. This wiped off the pest from all the infected systems successfully.
It is likely that the operators of the Retadup botnet may have sold access to the network to other shady individuals. The Retadup malware's attack was often followed by the introduction of additional malware (infostealers or ransomware) at later stages - this is likely to mean that the criminals were selling access to infected devices.
Make sure you obtain a reputable anti-malware tool to protect your system from threats like the Retadup malware and avoid becoming a part of a botnet scheme.
Do You Suspect Your PC May Be Infected with Retadup & Other Threats? Scan Your PC with SpyHunterSpyHunter is a powerful malware remediation and protection tool designed to help provide PC users with in-depth system security analysis, detection and removal of a wide range of threats like Retadup as well as a one-on-one tech support service. Download SpyHunter's FREE Malware Remover
Security Doesn't Let You Download SpyHunter or Access the Internet?Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
- Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
- Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
- Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in "Safe Mode with Networking" and install SpyHunter in Safe Mode.
- IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your PC. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.