International authorities disrupt 'world's most dangerous malware'

Source: The Hill | January 27, 2021 | Maggie Miller

A team of international law enforcement and judicial groups on Wednesday announced they had disrupted infrastructure used by cyber criminals to spread what authorities described as the “world’s most dangerous malware” and attack organizations around the world.  

The Emotet botnet, one of the most prolific malware viruses used by cyber criminals over the past decade, saw its infrastructure disrupted by a coalition of authorities in the United States, the Netherlands, Germany, the United Kingdom, France, Lithuania, Canada and Ukraine, with European Union agencies Europol and Eurojust providing coordination support. 

As part of the effort, law enforcement took over hundreds of servers around the world used to spread the botnet, with Europol noting in a statement that “the infected machines of victims have been redirected towards this law enforcement-controlled infrastructure.”

The botnet had been used by cyber criminals since as early as 2014 as a backdoor into computer systems, with the Emotet virus sold to other cyber criminals once it had established access to these networks, increasing cases of data theft and ransomware attacks. 

“EMOTET was much more than just a malware,” Europol wrote. “What made EMOTET so dangerous is that the malware was offered for hire to other cybercriminals to install other types of malware, such as banking Trojans or ransomwares, onto a victim’s computer.”

The malware was spread through Microsoft Word documents attached to emails, which were often presented as invoices or shipping notices, or documents having to do with the COVID-19 pandemic, according to Europol. 

Significant data theft was also involved in use of the botnet, with Dutch authorities discovering a database that included stolen email addresses, usernames and passwords. 

In the U.S., the FBI and the Department of Justice were involved in disrupting the botnet’s infrastructure, while in Ukraine, authorities shared a video of a raid carried out that involved the seizure of dozens of pieces of computer equipment used to support the botnet.

