In a joint operation, law enforcement agencies from Germany, the Netherlands, Ukraine, Lithuania and France, as well as England, Canada and the United States, have dismantled the infrastructure of the Emotet malware. Emotet was previously considered the most dangerous malware in the world and in the vast majority of cases was used to extort ransom from victims.
In addition to countless private individuals, the victims included companies, healthcare facilities, government agencies and other public institutions, for example the Berlin Court of Appeal and the administration of the city of Frankfurt am Main. Other affected institutions included the University of Giessen, the Catholic University of Applied Sciences in Freiburg, and the Fürth Clinic. We have reported on Emotet several times in this blog.
What is Emotet?
Emotet is a generic term for malware that infects IT systems with Trojans by means of particularly authentic-looking spam emails. In the vast majority of cases, the gateway for Emotet was email attachments, such as infected Word documents. The emails could look so authentic because the victims' email contents and contact data had already been read out before the infection, and the content of the infected email was adapted, for example, to a previous communication. In addition to infecting the computer, Emotet’s main task was to download other malware, for example the ransomware Ryuk or the banking Trojan Trickbot.
According to the press release of the Federal Criminal Police Office, the action coordinated by Europol and Eurojust not only cut off the perpetrators’ access to the Emotet infrastructure; in at least one case it was also possible to take control of that infrastructure.