Germany’s Federal Criminal Police Office (the BKA) announced today that they busted an internation group of phishers, arresting 10 persons and seizing a number of computers together with other evidence. From the press release it’s evident this is a group that has been harassing the world with phishing emails containing Downloader-AAP as an attachment.

Downloader-AAP is ranked first in the list of ‘Top Corporate User Malware’ in our Avert Labs Threat Library. For many months there have been several waves a week of phishing emails sent with new variants of this downloader, that when executed would install some keylogging trojan. The emails typically look like a receipt sent from some company with details supposedly be found in the attached .zip. Some of these emails even claimed to have come from german law enforcement agencies, stating you’ve been caught sharing music, content from your hard disk has been confiscated using the ‘Bundestrojaner’ and the protocol is attached. Like in the example below:

I sincerely hope this is the last we’ve seen from this group.