Destroying the Destroyer - Malware Edition

For more than half a decade, Emotet was a menace to the entire world and grew to be one of the most dangerous botnets of all time. However, a global law enforcement operation finally took it down, and it can safely be said that the malware’s reign is over.

What happened?


In an effort dubbed Operation LadyBird, Emotet's infrastructure was taken down through a joint collaboration between law enforcement agencies from the U.S., the U.K., Canada, the Netherlands, France, Germany, Ukraine, and Lithuania, along with private security researchers, Europol, and Eurojust.

How did they do it?


Emotet’s infrastructure has been taken down from the inside, and the various C2 servers across the world have been seized. All the infected machines have been redirected to infrastructure controlled by law enforcement, thus disrupting the activities of the gang.

Any worries?


Emotet has been a launching pad for other malware families, whose goal is to steal financial data and encrypt corporate networks. This implies that if a network is infected by Emotet, IcedID, TrickBot, Qbot, Ursnif, and Dridex malware might also be present.

The bottom line


Although this comes as a relief, the Dutch Police have warned potential victims to check for infection using the “Emotet Checker” tool they developed. Even though the takedown of Emotet can disrupt malware operations for a short period, in the bigger scheme of things, malware families will still live on without Emotet.


