Police smash ‘world’s most dangerous’ cybercrime malware tool

International police have disrupted the "world's most dangerous" cybercrime malware tool used to break into computer systems, law agencies announced on Wednesday.

The illicit tool called EMOTET was operated as a so-called botnet, software that infects a network of computers and allows them to be remotely controlled, Europol and its judicial sister agency Eurojust said.

Police based in Britain, Canada, Germany, Lithuania, the Netherlands, Ukraine and the United States teamed together to infiltrate EMOTET's infrastructure.

Describing it as the "world's most dangerous malware", Europol said in a statement that "law enforcement and judicial authorities worldwide have this week disrupted one of the most significant botnets of the past decade: EMOTET."

The network involved several hundred servers around the world that were used to "manage the computers of the infected victims, to spread to new ones, to serve other criminal groups", Europol said.

"Investigators have now taken control of its infrastructure in an international coordinated action," it said.

Police also searched properties in Ukraine in connection with the case, Britain's National Crime Agency said.

EMOTET "was used by cybercriminals to infiltrate thousands of companies and millions of computers worldwide," the NCA added in a statement.

- 'Door opener' -

What made EMOTET especially dangerous was the fact that it was offered for hire to other "top level" criminals, who then used this "door opener" to install other types of malware, Europol said.

This included infamous banking "Trojans" which steal bank details and credentials, and ransomware that locks files and systems and holds them for ransom for large sums of money.

Malware such as the TrickBot Trojan and Ryuk ransomware have benefited from it, Europol said.

Criminals used email attachments to trick unsuspecting victims, making the emails look like invoices, shipping notices and information about Covid-19.

All these emails contained malicious Word documents, either attached to the email or downloadable by clicking on a link within the mail.

Once a user opened one of these documents, they were prompted to "enable macros" so that the malicious code hidden in the Word file could run and install EMOTET malware on a victim's computer.

"EMOTET was one of the biggest vectors of corporate infection in ransomware and data theft attacks," Gerome Billois, Paris-based cybersecurity expert for the consultancy Wavestone, told AFP.

The police action "shows that it is possible to stop cyber-criminals", Billois added.

In France, EMOTET targeted several departments within the country's justice ministry as well as judges and lawyers in September last year, prompting security agencies to launch a probe.

Authorities were looking for companies that fell victim to EMOTET, but "it is difficult to have an idea of the number of victims", Catherine Chambon, deputy director of the French police's anti-cybercrime unit, told AFP.

Many victims "do not systematically file a complaint during this kind of attack", she said.

Written By

With 2,400 staff representing 100 different nationalities, AFP covers the world as a leading global news agency. AFP provides fast, comprehensive and verified coverage of the issues affecting our daily lives.
