Emotet: World’s Most Dangerous Malware Taken Down By Police

by Vrinda Jain

January 31, 2021

Emotet, the cybercriminal operation that international authorities have called the "most dangerous malware" network in the world, has been dismantled by a coordinated police action.

For more than half a decade, the malware known as Emotet has threatened the internet, growing into one of the largest botnets globally and exposing victims to data theft and destructive ransomware. A widespread, multinational police investigation has taken down Emotet's infrastructure and led to the arrest of several suspected members of the criminal operation behind it.

Emotet: The Threat To Your Data

The Emotet banking Trojan was first reported by cybersecurity researchers in 2014. Emotet was initially created as banking malware that tried to sneak onto your computer and steal confidential and private information.

Later versions of the programme added spamming and malware distribution services alongside its banking Trojan functions. Emotet includes techniques that let it avoid detection by certain anti-malware products, and it uses worm-like features to spread to other connected devices on the same network.

Emotet, the world’s most dangerous malware, has been disrupted ahead of Data Privacy Day 2021.

How Does The Malware Spread?

The malware is mainly spread by spam emails. The infection can arrive as a malicious script, a macro-enabled document file, or a malicious link. Emotet emails often carry familiar branding so that they look like trusted mail, and they try to induce users to open malicious attachments with enticing subject lines such as “Your Receipt,” “Payment Details,” or a notice about an upcoming shipment from a well-known parcel company.

Emotet has gone through several iterations. Early versions arrived as a malicious JavaScript file. Later versions moved to macro-enabled documents that download the malware from command-and-control servers run by the attackers.

Emotet also uses its C&C servers to receive updates. This works much like the software updates your PC receives, and it can happen silently without any visible signs. It allows the attackers to push modified versions of the malware, install additional malware such as other banking Trojans, or use the infected machine as a collection point for stolen data such as financial credentials, passwords, and email addresses.
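As an added illustration of the delivery pattern described above (not code from the article or from any takedown tooling), the following Python triage routine parses one raw email and flags the two signals the article names: a lure-style subject line and a macro-enabled or script attachment. The sample message, the lure phrase list and the risky extension list are constructed for this example.

```python
import email
from email import policy

# Constructed sample message (not a real Emotet email): a parcel-style lure
# subject plus a macro-enabled Word attachment, as the article describes.
SAMPLE_EML = b"""From: "Parcel Service" <noreply@example.test>
To: victim@example.test
Subject: Your Receipt - Payment Details
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please see the attached receipt.
--b1
Content-Type: application/vnd.ms-word.document.macroEnabled.12; name="receipt.docm"
Content-Disposition: attachment; filename="receipt.docm"
Content-Transfer-Encoding: base64

UEsDBBQABgAIAAAAIQA=
--b1--
"""

# Lure phrases quoted in the article and the attachment kinds it names
# (macro-enabled Office documents, JavaScript files). Hypothetical lists.
LURE_PHRASES = ("your receipt", "payment details", "shipment")
RISKY_EXTENSIONS = (".docm", ".xlsm", ".pptm", ".js", ".jse")


def triage_message(raw: bytes) -> dict:
    """Return lure/attachment findings for one raw RFC 822 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    subject = str(msg["subject"] or "").lower()
    findings = {
        "lure_subject": any(p in subject for p in LURE_PHRASES),
        "risky_attachments": [],
    }
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXTENSIONS):
            findings["risky_attachments"].append(name)
    # Both signals together match the described pattern; either alone is
    # only a hint that deserves a closer look rather than a block.
    findings["quarantine"] = findings["lure_subject"] and bool(findings["risky_attachments"])
    return findings
```

Run against a mail gateway's raw message stream, the `quarantine` flag is the actionable output; the two component signals are kept separately so analysts can tune each list independently.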

How Did The Police Track Them Down?

Police in Germany, Lithuania, the United States, the United Kingdom, France, the Netherlands, Canada and Ukraine, operating as part of a joint task force coordinated by Europol, seized control of several hundred internet servers used to manage and control Emotet.

Europol described the network as a “go-to platform for cybercriminals” and a “primary door opener for international computer networks.” Police forces from at least eight countries joined up to disrupt and eventually hijack Emotet's infrastructure, take charge of it, and bring the botnet down from the inside.

Jeopardised Systems

The victims’ compromised systems have since been redirected to infrastructure controlled by law enforcement, and Ukraine’s general prosecutor said police had carried out raids in Kharkiv to apprehend suspects and confiscate their computers.

Police have also seized large quantities of currency, gold bars and computer drives. Those arrested face up to 12 years in jail. The bust is a significant victory for international cybercrime authorities. The German Federal Criminal Police Office (BKA) said in a statement, “Emotet is regarded as the most dangerous malware in the world”.

The collapse of Emotet is a massive blow to international organised Internet crime. Several servers under Dutch police control will now send Emotet software updates that disable the malware on infected systems.

That update also includes code that uninstalls Emotet by March 25 of this year. The delay gives experts time to examine currently infected devices and determine what other forms of malware may have been delivered through them.
