Following a takedown operation earlier this month, authorities are taking steps towards cleaning up systems infected with the Emotet malware.
One of the most prevalent botnets over the past decade, Emotet has been around since 2014, helping cybercriminals deploy their own Trojans, ransomware, and other types of malware onto compromised machines.
Serving as a malware loader, Emotet has been associated with the distribution of well-known malware families, including TrickBot and Ryuk ransomware, among others.
This week, Europol announced that, as part of an international operation that saw the participation of law enforcement agencies from eight different countries, Emotet’s infrastructure has been dismantled.
Authorities were able to take over the infrastructure, which included hundreds of servers worldwide, used to manage bots, spread Emotet, serve customers, and improve the network's resilience.
The Ukrainian police announced that two suspected Emotet infrastructure operators have been arrested, while other cybercriminals associated with the botnet’s activities have been identified and are being pursued. Emotet’s operators face up to 12 years in prison.
Codenamed LadyBird, the takedown operation also resulted in the seizure of hardware, credit cards, and cash, along with login credentials, keys to encrypted services, and information related to the infected companies. Authorities also identified 600,000 compromised email addresses, with passwords.
“The police have used their hacking powers to penetrate and investigate Emotet's cyber-criminal infrastructure. It was necessary to take action simultaneously in all countries concerned in order to be able to effectively dismantle the network and thwart any reconstruction of it,” the Dutch police said.
Authorities in the Netherlands also reveal that the investigation into Emotet, which started in 2019, has helped identify the various servers used for infrastruc ..
Support the originator by clicking the read the rest link below.
