Article
Cloud & Cybersecurity

Emotet botnet malware taken down by global police sting

By William Smith
January 28, 2021
undefined mins
Emotet was first discovered as a banking Trojan in 2014, and allowed cybercriminals to gain unauthorised access to computer systems across the globe...

A botnet dubbed the “world’s most dangerous” has been disrupted by global police action, Europol has announced.

A botnet is created when malware overtakes a number of devices, linking the infected instances together. The size can grow exponentially as infected devices are added to the network and its computing power increases.

A long-standing threat

Emotet was first discovered as a banking Trojan (a malware that relies on misleading users into installing it) in 2014, and allowed cybercriminals to gain unauthorised access to computer systems across the globe. Attackers would then sell access to other criminal groups for purposes such as data theft or extortion.

A press release from Europol advised vigilance, saying: “cybersecurity awareness is essential to avoid falling victim to sophisticated botnets like EMOTET. Users should carefully check their email and avoid opening messages and especially attachments from unknown senders. If a message seems too good to be true, it likely is and emails that implore a sense of urgency should be avoided at all costs.”

Part of the danger of Emotet was its method of spreading - via infected word document email attachments. A prompt would be sent once the file was opened, at which point the malware could be installed on a computer.

Collaboration leads to success

Defeating the botnet required collaboration from police authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine. Authorities gained control of the infrastructure, allowing them to take EMOTET down from the inside. Further, a database of compromised email addresses, usernames and passwords was released and published.

Commenting, Kimberly Goody, Senior Manager of Cybercrime Analysis, Mandiant Threat Intelligence, said: “Emotet has consistently remained one of the most widely distributed malware families in recent years. Between October 2020 and January 2021, we observed Emotet distribute multiple malware variants that have been used to enable ransomware operations, so it is plausible that this Emotet disruption may reduce the immediate victim pool for ransomware deployment in the short term.“

CybersecuritymalwareCloudbotnet
Share
Share

Featured Articles

Top 100 Women 2024: Julie Sweet, Accenture - No. 5

Technology Magazine’s Top 100 Women in Technology honours Accenture’s Julie Sweet at Number 5 for 2024

OpenText AI: Empowering Businesses in Information Management

Technology Magazine was on the ground at OpenText World Europe 2024 to examine how the company is harnessing enterprise AI to perfect data-led solutions

GFT & Google Cloud Gen AI to Power Next-Gen Customer Service

Digital transformation firm GFT has announced that, with Google Cloud, it will bring forward a Gen AI tool to help banks support their customer service

Top 100 Women 2024: Ursula Koski, AWS - No.4

Digital Transformation

Microsoft in Japan: $2.9bn Investment to Boost AI & Cloud

Cloud & Cybersecurity

Amazon CEO Andy Jassy: Future of Gen AI to be Built on AWS

IT Procurement