PANews reported on May 31 that according to Crypto Briefing, under the coordinated efforts of multiple countries of Europol, a large-scale operation called "Operation Endgame" was launched to combat the malware dropper ecosystem. The operation was led by France, Germany and the Netherlands and was conducted from May 27 to 29, 2024, targeting a variety of malware droppers including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot.

The investigation revealed that one of the main suspects earned at least 69 million euros (about $75 million) in cryptocurrency by renting out criminal infrastructure websites to deploy ransomware. Law enforcement agencies are closely monitoring the suspect's transactions and have obtained legal permission to seize these assets in future operations. The press release issued by Europol did not mention any specific cryptocurrency or platform used in the transactions.

During this operation, law enforcement agencies made progress in disrupting the malware ecosystem. Four individuals were arrested, one in Armenia and three in Ukraine. In addition, 16 location raids were conducted in Armenia, the Netherlands, Portugal, and Ukraine. More than 100 servers were shut down or disrupted in multiple countries, including Bulgaria, Canada, Germany, Lithuania, the Netherlands, Romania, Switzerland, the United Kingdom, the United States, and Ukraine. Authorities also took control of more than 2,000 domain names.