Following similar move in US, Europol prepares coup de grâce for Emotet's remains | SC Media


On Sunday, Europol will end a three-month-long process of dismantling the Emotet botnet by triggering a time-activated .dll to delete malware from the systems. (Europol)

On Sunday, Europol will end a three-month-long process of dismantling the Emotet botnet. A time-activated .dll sent to victim machines will delete malware from the systems.


In advance of the Europol move, security pros are praising it as a necessary step that, if all goes correctly, will happen without individuals knowing. But the move might have interesting secondary effects on security, including on forensics.


“CISOs that are unaware of the existence of Emotet on their networks will likely not notice its removal,” said Austin Merritt, cyber threat intelligence analyst at Digital Shadows.


Of course, Emotet’s final undoing comes two weeks after a similar FBI operation sent a kill command to hundreds of Microsoft Exchange servers, ordering web shells to delete themselves. But there are differences in subtlety and scope.

