With Recent Law Enforcement Actions, Emotet’s Days are Now Over

With Recent Law Enforcement Actions, Emotet’s Days are Now Over
Emotet, one of the most active email spam botnets known to date, is being uninstalled from all infected devices. This has become possible with the help of a malware module that was delivered earlier in January by law enforcement agencies. This takedown attempt is the result of a coordinated international law enforcement action.

What is happening?

After the previous takedown attempt, the law enforcement agencies had delivered a new configuration to active Emotet infections so that the spam botnet would use C2 servers controlled by Germany's federal police agency, the Bundeskriminalamt.
Law enforcement spread the new Emotet module in the form of a 32-bit EmotetLoader[.]dll to all of the infected systems that will automatically uninstall the malware on April 25.
The recently added module deletes associated Windows services, autorun Registry keys, and subsequently exits the process. It then leaves everything else intact on the infected devices.
The module does not remove any other malware that was already installed on the infected system via Emotet; instead, it stops additional malware from being installed on the infected system.

Reversing the damage

Near around the same time as the recent shutdown, the FBI has been actively working to further minimize the malicious impact caused by this global threat.
The FBI has identified around 4.3 million email addresses that were harvested by the Emotet botnet and shared it with the Have I Been Pwned site.
To alert all the impacted users, the entire database has been handed over to the Have I Been Pwned (HIBP) service. 

Recent takedown attempts

Government agencies a ..

Support the originator by clicking the read the rest link below.