Connect with us

Hi, what are you looking for?

World

Police smash ‘world’s most dangerous’ cybercrime malware tool

-

International police have disrupted the "world's most dangerous" cybercrime malware tool used to break into computer systems, law agencies announced on Wednesday.

The illicit tool called EMOTET was operated as a so-called botnet, software that infects a network of computers and allows them to be remotely controlled, Europol and its judicial sister agency Eurojust said.

Police based in Britain, Canada, Germany, Lithuania, the Netherlands, Ukraine and the United States teamed together to infiltrate EMOTET's infrastructure.

Describing it as the "world's most dangerous malware", Europol said in a statement that "law enforcement and judicial authorities worldwide have this week disrupted one of the most significant botnets of the past decade: EMOTET."

The network involved several hundred servers around the world that were used to "manage the computers of the infected victims, to spread to new ones, to serve other criminal groups", Europol said.

"Investigators have now taken control of its infrastructure in an international coordinated action," it said.

Police also searched properties in Ukraine in connection with the case, Britain's National Crime Agency said.

EMOTET "was used by cybercriminals to infiltrate thousands of companies and millions of computers worldwide," the NCA added in a statement.

- 'Door opener' -

What made EMOTET especially dangerous was the fact that it was offered for hire to other "top level" criminals, who then used this "door opener" to install other types of malware, Europol said.

This included infamous banking "Trojans" which steal bank details and credentials, and ransomware that locks files and systems and holds them for ransom for large sums of money.

Malware such as the TrickBot Trojan and Ryuk ransomware have benefited from it, Europol said.

Criminals used email attachments to trick unsuspecting victims into opening the mails, making them look like invoices, shipping notices and information about Covid-19.

All these emails contained malicious Word documents, either attached to the email or downloadable by clicking on a link within the mail.

Once a user opened one of these documents, they were prompted to "enable macros" so that the malicious code hidden in the Word file could run and install EMOTET malware on a victim's computer.

"EMOTET was one of the biggest vectors of corporate infection in ransomware and data theft attacks," Gerome Billois, Paris-based cybersecurity expert for the consultancy Wavestone, told AFP.

The police action "shows that it is possible to stop cyber-criminals", Billois added.

In France EMOTET has targeted several departments within the country's justice ministry as well as judges and lawyers in September last year, prompting security agencies to launch a probe.

Authorities were looking for companies that fell victim to EMOTET, but "it is difficult to have an idea of the number of victims", Catherine Chambon, deputy director of the French police's anti-cybercrime unit told AFP.

Many victims "do not systematically file a complaint during this kind of attack", she said.

International police have disrupted the “world’s most dangerous” cybercrime malware tool used to break into computer systems, law agencies announced on Wednesday.

The illicit tool called EMOTET was operated as a so-called botnet, software that infects a network of computers and allows them to be remotely controlled, Europol and its judicial sister agency Eurojust said.

Police based in Britain, Canada, Germany, Lithuania, the Netherlands, Ukraine and the United States teamed together to infiltrate EMOTET’s infrastructure.

Describing it as the “world’s most dangerous malware”, Europol said in a statement that “law enforcement and judicial authorities worldwide have this week disrupted one of the most significant botnets of the past decade: EMOTET.”

The network involved several hundred servers around the world that were used to “manage the computers of the infected victims, to spread to new ones, to serve other criminal groups”, Europol said.

“Investigators have now taken control of its infrastructure in an international coordinated action,” it said.

Police also searched properties in Ukraine in connection with the case, Britain’s National Crime Agency said.

EMOTET “was used by cybercriminals to infiltrate thousands of companies and millions of computers worldwide,” the NCA added in a statement.

– ‘Door opener’ –

What made EMOTET especially dangerous was the fact that it was offered for hire to other “top level” criminals, who then used this “door opener” to install other types of malware, Europol said.

This included infamous banking “Trojans” which steal bank details and credentials, and ransomware that locks files and systems and holds them for ransom for large sums of money.

Malware such as the TrickBot Trojan and Ryuk ransomware have benefited from it, Europol said.

Criminals used email attachments to trick unsuspecting victims into opening the mails, making them look like invoices, shipping notices and information about Covid-19.

All these emails contained malicious Word documents, either attached to the email or downloadable by clicking on a link within the mail.

Once a user opened one of these documents, they were prompted to “enable macros” so that the malicious code hidden in the Word file could run and install EMOTET malware on a victim’s computer.

“EMOTET was one of the biggest vectors of corporate infection in ransomware and data theft attacks,” Gerome Billois, Paris-based cybersecurity expert for the consultancy Wavestone, told AFP.

The police action “shows that it is possible to stop cyber-criminals”, Billois added.

In France EMOTET has targeted several departments within the country’s justice ministry as well as judges and lawyers in September last year, prompting security agencies to launch a probe.

Authorities were looking for companies that fell victim to EMOTET, but “it is difficult to have an idea of the number of victims”, Catherine Chambon, deputy director of the French police’s anti-cybercrime unit told AFP.

Many victims “do not systematically file a complaint during this kind of attack”, she said.

AFP
Written By

With 2,400 staff representing 100 different nationalities, AFP covers the world as a leading global news agency. AFP provides fast, comprehensive and verified coverage of the issues affecting our daily lives.

You may also like:

Life

Their stories are divided into before and after.

World

Child of the caliphate: A girl in the vast al-Hol Islamic State camp in northeastern Syria - Copyright AFP Delil SOULEIMANRouba EL HUSSEINIAli is...

Social Media

Wanna buy some ignorance? You’re in luck.

Tech & Science

Under new legislation that passed the House of Representatives last week, TikTok could be banned in the United States.