
Emotet, world’s “most dangerous” malware, gets disrupted by law enforcement agencies

Alfred Siew
Last updated: January 28, 2021 at 10:49 PM
Published: January 28, 2021
PHOTO: Sora Shimazaki from Pexels

Emotet, a powerful piece of malware that has infected the computers of individuals and businesses throughout the world, was disrupted this week by law enforcement agencies that seized the servers controlling it and apprehended people suspected of keeping it running.

In one of the most significant takedowns of malware operations in years, authorities from the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine worked together to shut down computers that control the malware.

Law enforcement and judicial authorities gained control of the infrastructure and took it down from the inside this week, according to Europol.

“The infected machines of victims have been redirected towards this law enforcement-controlled infrastructure,” the regional law enforcement agency stated in an announcement today.

Emotet is notorious for being a “door opener” for a number of cyber attacks that can be executed after hackers gain access to a victim’s computers. They can install ransomware or steal sensitive information, for example.

Typically, Emotet works by tricking a user into opening an e-mail attachment, disguised as an invoice or resume, for example, and unwittingly creating a backdoor to his computer.

This access is then sold “as a service” to other cyber criminals who want an easy way to mount a cyber attack in future.

First conceived as a trojan for stealing banking credentials in 2014, Emotet is remarkable in how it has morphed over the years. As it spreads, it changes its code slightly to avoid detection by cyber defences.

INFOGRAPHIC: Europol handout

In 2019, Singapore cybersecurity firm Ensign said that the malware had been detected in half of the machines it had scanned in the country. Emotet was found in the manufacturing, financial services, media, aviation and healthcare sectors here.

Elsewhere, Emotet’s attacks have been well documented. In 2019, the Berlin Court of Appeal and the University of Giessen were both hit by it, according to cyber security firm Kaspersky.

Today, Dutch authorities who took control of two Emotet command and control servers are said to have pushed an update that will automatically uninstall the malware from victims’ computers on March 25, ZDNet reported.

It added that Ukrainian police have announced the arrest of two individuals believed to be tasked with keeping Emotet’s servers up and running.

How effective will this takedown be in keeping Emotet-wielding cyber criminals off the Internet? It depends on how widely their networks have been disrupted, say experts.

Threat actors rebuild their botnets following other takedown or disruption efforts, although the likelihood of this scenario hinges on the significance of the individuals who have been apprehended, said Kimberly Goody, senior manager of cybercrime analysis for Mandiant Threat Intelligence.

“Notably, the actors behind Emotet have existing partnerships with other notable malware operations, including Trickbot, Qakbot, and Silentnight,” she noted.

“In addition to distributing these families as secondary payloads, we have occasionally observed Emotet being distributed by these families in the past,” she added. “These existing partnerships and renewed spamming could be leveraged to rebuild the botnet.”

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.