A joint police initiative from several countries captured Emotet’s thousands of computers, one of the digital scam schemes that had earned the most revenue in the last decade.
In a joint operation carried out by several countries, the police seized thousands of computers that belonged to one of the most dangerous international networks of crackers (roughly speaking, a type of hacker who uses his advanced knowledge to commit cyber crimes).
This is the botnet (botnet) Emotet, one of the most important in the last decade and responsible for the malware (malicious program) of the same name.
Through email attachments, Emotet gained access to victims’ computers and then sold them to criminals who installed even more dangerous malicious software.
In the operation, police forces from several European Union countries worked, in addition to Canada, the United States, the United Kingdom, Ukraine, Europol and the European Union Agency for Criminal Judicial Cooperation (Eurojust).
Europol described Emotet as one of the main “openers” of computer systems in the world.
“Once unauthorized access was established, that access was sold to other criminal groups for more illegal activities, such as data theft and extortion by means of ransomware (programs used to hijack information and then ask for money in exchange for its release. ) “, explained the European police in a statement.
Dmitry Smilyanets, a threat intelligence specialist at Recorded Future, believes that the creator of the network and his team is unlikely to attempt to rebuild it “even if they are not arrested”.
“They have enough money to retire in peace or start a new criminal adventure,” he estimates.
“A functioning botnet is a very complicated and delicate system. If more than half of the infrastructure is not working, it is better to abandon it.”
How did it work?
During its early days, Emotet was banking malware designed to spy on computers and steal login details.
The victims were given a Word document that seemed important. When opened, it asked to “enable macros”, a seemingly innocent feature built into the text editor, but which, when enabled, allowed attackers to access the computer.
Lotem Finkelstein, a threat intelligence specialist at Check Point Software, notes that he has been following Emotet for years.
“By far, they were the most prevalent and successful malware of 2020,” he says, noting that Emotet sent scams by email with more than 150,000 subjects and 100,000 different links last year.
“They constantly adjusted their scams according to global interests and events, like the covid-19 pandemic or big shopping seasons like Black Friday,” explains Finkelstein.