Europol said the Emotet botnet has been dismantled through the joint efforts of the authorities of the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine. Emotet has been described as the world’s most dangerous malware.
Bye-bye botnets👋 Huge global operation brings down the world’s most dangerous malware.
Investigators have taken control of the Emotet botnet, the most resilient malware in the wild.
Get the full story: https://t.co/NMrBqmhMIf pic.twitter.com/K28A6ixxuM
— Europol (@Europol) January 27, 2021
The malware spread primarily via email, using infected attachments disguised as Word documents.
“Emotet became so dangerous because the malware was offered for rent to cybercriminals to install other types of malware on the victim’s computer, such as banking trojans or ransomware,” Europol said.
As a result of the operation, law enforcement gained control over the botnet’s infrastructure and disrupted its operation.
The Dutch authorities said that two of the three main Emotet command servers were located in their country. They used their access to the command servers to deploy an update to all infected hosts.
The update contains special code that will remove Emotet from all infected devices on 25 April 2021.
Experts say that this will essentially reboot Emotet, and the botnet’s operators will have to “start from scratch.”
Dutch authorities also uncovered a database with email addresses, usernames and passwords stolen using Emotet.
The Ukrainian cyberpolice identified two suspects — Ukrainian citizens believed to be facilitating the botnet’s infrastructure.
Together with international colleagues, a transnational group of hackers has long distributed one of the most dangerous malware “EMOTET”
Details: https://t.co/dljxHVS608 pic.twitter.com/LKw7LA0mFc
— Cyberpolice Ukraine (@CyberpoliceUA) January 27, 2021
According to available data, the damage from Emotet’s activity to banks and financial institutions in the US and the EU amounted to $2.5 billion.
Fernando Ruiz, head of the Operational Division of the European Cybercrime Centre, stated that Emotet is involved in 30% of all malware attacks.
“For a long time, Emotet has been our number one threat,” he said.
Earlier, US authorities, together with Bulgarian law enforcement, conducted an operation aimed at disrupting NetWalker ransomware operations.
