Kindly be advised we cannot cancel subscriptions or issue refunds on the forum.
You may cancel your Bitdefender subscription from Bitdefender Central or by contacting Customer Support at: https://www.bitdefender.com/consumer/support/help/

Thank you for your understanding.

Operation Endgame

Options

Hello, haveibeenpwned indicate that my email address was pwned by OPERATION endgame

"between 27 and 29 May 2024 Operation Endgame, coordinated from Europol’s headquarters, targeted droppers including, IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot."

Does it mean I potentially have been infected by these ? If yes why bitdefender is not detecting it on system scanning ?

Comments

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    Options

    If your email address has been listed on Have I Been Pwned, it will also show the company affiliated with it. Note that you were not directly affected by the malicious activity; your email was just part of the company's data breach. Simply changing your account password is all you need to do.

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Oria
    Options

    the exploit does not mention a specific website, but it says the informations had been obtained with "targeted droppers including, IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot."
    Thus I am asking if it means I would be infected by this, or it would be my email provider ?

    Are you sure it likely doesn't mean I was directly affected by the malicious activity ?

  • Flexx
    Flexx DEFENDER OF THE YEAR 2023 / DEFENDER OF THE MONTH ✭✭✭✭✭ mod
    edited June 10
    Options

    Kindly have a look at the stated FBI link below.

    https://www.fbi.gov/news/press-releases/operation-endgame-coordinated-worldwide-law-enforcement-action-against-network-of-cybercriminals

    Additionally, Operation Endgame: Coordinated Worldwide Law Enforcement Action Against Cybercriminals: The FBI led a multinational operation involving the US, Denmark, France, Germany, the Netherlands, and the UK. They dismantled criminal infrastructure responsible for significant damages worldwide. The operation targeted malware variants like IcedID, Smokeloader, Pikabot, and Bumblebee.

    Hence, you are totally safe.

    @Alexandru_BD, do you want to add or rectify something here?

    Regards

    Life happens, Coffee helps!

    Show your Attitude, when you reach that Altitude!

    Bitdefender Ultimate Security Plus (user)

  • Alexandru_BD
    Options

    Hello @Oria,

    As the press release reveals, 'the malware “droppers” and “loaders” were used to gain access to victim’s computers, either dropping ransomware or other malware used to collect and steal personal and financial login information'.
    But it's uncertain if your credentials were actually leaked this way, it is possible that the data breach occurred someplace else in your case. If you have Bitdefender installed and the system scan doesn't reveal anything malicious, you should be fine.

    Now, even if this operation successfully managed to dismantle the criminal infrastructure responsible for these malicious actions, this doesn't mean that the leaked data is no longer on the web. Breaches are not necessary found on a specific website, they are in compilations of usernames, passwords, phone numbers, etc. found in archives or texts on the Dark Web, in general, so the information can change many hands once leaked.
    I think the main risk when having a leaked email address is that scammers may target you with phishing emails, trying to trick you into revealing sensitive information. Then, you should prepare for an influx of unsolicited emails cluttering your inbox. In severe cases, attackers might use your leaked email address to access your accounts, potentially taking control of them.

    Here's a list of precautions to reduce the risk of your email adress being exposed online in the future:

    • Use strong, unique passwords. Consider a Password Manager for added security
    • Activate Two-Factor Authentication to make it harder for unauthorized access
    • Never share sensitive data through email
    • Be cautious about links and attachments from unknown senders
    • Avoid public Wi-Fi for confidential tasks. Public networks can be risky
    • Hide your primary email address. Utilize email alias features on services like Gmail, Outlook, or Apple Mail

    I hope the information is useful.

    Regards,

    Alex

    Premium Security & Bitdefender Endpoint Security Tools user