© 2021 CyberNews - Latest tech news, product reviews, and analyses.


‘World’s most dangerous malware’ Emotet disrupted

by Jurgita Lapienytė
27 January 2021

Law enforcement disrupted Emotet, one of the most significant and dangerous botnets of the past decade, Europol stated in a press release on Wednesday.

This week, authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine, coordinated by Europol and Eurojust, carried out an operation which resulted in disruption of the world’s most dangerous malware.

Investigators have now taken control of Emotet’s infrastructure, Europol said in a statement.

“Emotet has been one of the most professional and long lasting cybercrime services out there. First discovered as a banking Trojan in 2014, the malware evolved into the go-to solution for cybercriminals over the years. The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale. Once this unauthorised access was established, these were sold to other top-level criminal groups to deploy further illicit activities such as data theft and extortion through ransomware,” the press release reads.


Through a fully automated process, Emotet malware was delivered to the victims’ computers via infected email attachments. A variety of different lures were used to trick unsuspecting users into opening those malicious files. In the past, Emotet email campaigns have also been presented as invoices, shipping notices and information about COVID-19, law enforcement explained.

All these emails contained malicious Microsoft Word documents, either attached to the email itself or downloadable by clicking on a link within the email message. Once a user opened one of these documents, they could be prompted to “enable macros” so that the malicious code hidden in the Word file could run and install Emotet malware on a victim’s computer. 

“What made Emotet so dangerous is that the malware was offered for hire to other cybercriminals to install other types of malware, such as banking Trojans or ransomwares, onto a victim’s computer,” Interpol said in a press release.

Emotet is said to be one of the biggest players in the cybercrime world as other malware operators like TrickBot and Ryuk have benefited from it. 

“The infrastructure that was used by Emotet involved several hundreds of servers located across the world, all of these having different functionalities in order to manage the computers of the infected victims, to spread to new ones, to serve other criminal groups, and to ultimately make the network more resilient against takedown attempts,” Interpol said.

What we know about Emotet

Emotet is a sophisticated banking Trojan, David Balaban explained in his article. Its early versions only stole financial records relating to a few banks, but it has evolved dramatically over time. It is (or was) one of the three most prolific and dangerous botnets, although it has only been around for six years.

Spam is the dominating infection vector. Emotet arrives with emails that contain a malicious attachment laced with a Microsoft Office macro. Although the macro is not executed automatically, the attackers use social engineering tricks to lure the victim into running it.
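An added example, not from the article or from any law-enforcement release: a mail-gateway style triage of the delivery path described here and in the earlier paragraph on malicious Word documents. It flags attachments by content rather than by file extension; the function names, verdict labels and sample message are constructed for illustration.

```python
import io
import zipfile
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container

def triage_attachment(data: bytes) -> str:
    """Classify an attachment by content, not by its file extension."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary Office files can carry macros; confirming that needs
        # a full OLE parser, so route them to deeper inspection.
        return "legacy-ole-review"
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = [n.lower() for n in zf.namelist()]
            # Macro-enabled OOXML files store their VBA in vbaProject.bin.
            if any(n.endswith("vbaproject.bin") for n in names):
                return "ooxml-with-macros"
            if "[content_types].xml" in names:
                return "ooxml-no-macros"
    return "not-office"

def triage_message(msg: EmailMessage) -> dict:
    """Map each attachment filename to its triage verdict."""
    return {part.get_filename(): triage_attachment(part.get_payload(decode=True))
            for part in msg.iter_attachments()}

def _fake_ooxml(with_macro: bool) -> bytes:
    """Constructed sample: a minimal ZIP shaped like a Word file (harmless)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()

def build_sample_message() -> EmailMessage:
    """Constructed sample email with three attachments."""
    msg = EmailMessage()
    msg["Subject"] = "Invoice (constructed sample)"
    msg.set_content("See attached.")
    for name, data in [("invoice.docm", _fake_ooxml(True)),
                       ("notice.docx", _fake_ooxml(False)),
                       ("old.doc", OLE_MAGIC + b"\x00" * 32)]:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg

if __name__ == "__main__":
    print(triage_message(build_sample_message()))
```

A gateway would typically quarantine or strip anything returned as `ooxml-with-macros` and send `legacy-ole-review` files to a sandbox or OLE-aware scanner.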

In 2017, the crooks repurposed this botnet so that it mainly acts as a loader for other malicious applications. For instance, Emotet often operates in tandem with the notorious enterprise-targeting ransomware called Ryuk.

In 2020, researchers unveiled a new feature of Emotet: it exhibits worm-like characteristics by hacking poorly secured Wi-Fi networks and self-replicating inside them.

As far as the propagation geography goes, the hardest-hit countries are Germany, the U.S., India, and Russia. China, Italy, and Poland are on the list of heavily “torpedoed” countries as well.

WEF: ‘Major victory’

William Dixon, Cybersecurity Lead at the World Economic Forum, told journalists that ‘the takedown of one of the world’s most dangerous and prolific malware strains is a major victory’, and that building better cyber resilience is crucial.

“The World Economic Forum’s Global Risks Report highlighted that cybersecurity is the fourth biggest risk facing leaders today, and this is due to malware like Emotet. It has been a major factor in the global spike in cyberattacks since the pandemic began,” he said.

The next wave of cybersecurity risks will not be a continuation of current challenges, and incremental progress will not be enough to stop them, a recent study by the World Economic Forum and the University of Oxford showed.

The 14-month study, conducted by the World Economic Forum and the University of Oxford, examines how shifts in technology will impact the cybersecurity industry.
