The Limited Times


Dismantled the infrastructure of Emotet, one of the most dangerous computer viruses in the world

2021-01-27T16:43:38.106Z


The security forces of eight countries have participated in the operation as well as the European police Europol


In 2019, Emotet had infected 47,000 computers worldwide and generated around 6,000 malicious URLs.

The king of computer viruses has lost his crown.

The police and judicial authorities of Europe and North America have this week dismantled one of the most important botnets of the last decade, known as Emotet, responsible for the malicious program of the same name that has infected thousands of computers around the world.

Investigators have taken control of this infrastructure in a coordinated international action between the authorities of the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine, together with the European Police Office (Europol) and the European Union Agency for Criminal Judicial Cooperation (Eurojust).

"It was much more than malware [malicious program]," said Europol authorities in a statement.

Until today, Emotet was one of the most professional and enduring cybercrime services around: since its discovery in 2014, the computer virus had evolved over seven years into the go-to solution for cybercriminals.

How powerful and destructive was it?

If you have suffered the effects of any type of computer virus, it is very likely that you have been a victim of Emotet.

In 2019, the non-profit organization The Spamhaus Project published a report claiming that there were tens of thousands of computers infected with Emotet around the world and that they were issuing around 6,000 malicious links that led to websites that served as an infection vector.

According to these data, Emotet was the malware with the greatest global presence, as it represented 45% of the links used to download computer viruses around the world.

🤔 How did Emotet infect its unsuspecting victims? pic.twitter.com/zx5ZBWql4j - Europol (@Europol), January 27, 2021

“What made Emotet so dangerous is that the virus was offered for rent to other cybercriminals to install other types of malware, such as banking Trojans [seemingly harmless programs that open the doors of computers to other malicious programs] or ransomware [programs that are used to hijack the information on computers and subsequently request a ransom in exchange for releasing it], on the victim's computer,” explains Europol.

In other words, Emotet functioned as a kind of storage service for cybercriminals' computer viruses and also as a door opener, allowing other types of malware to access the computers it had managed to compromise.

Emotet owes its power and fame to its infrastructure, which involved hundreds of servers located around the world, with different functions: managing the computers of infected victims, spreading to new ones, serving other criminal groups and, ultimately, making the network more resistant to removal attempts.

“The Emotet infrastructure essentially acted as a gate opener for computer systems on a global scale and, once established, those accesses were sold to other high-level criminal groups to implement more illicit activities, such as data theft and extortion through ransomware,” says Europol.

For a throne, a bench

Emotet was the king of malware and had cyber authorities on their knees for almost a decade.

But this king had neither a throne nor a palace.

According to the images and videos shared by the National Police of Ukraine, which carried out the captures, the terror of cybersecurity worldwide operated from a small and dirty room, with a computer on a messy table and as a seat, a bench.

No elite teams of hooded hackers in a gigantic warehouse with state-of-the-art facilities.

But what exactly did it do and how did Emotet work?

Cybercriminals used email as their main weapon of attack.

“Using a fully automated process, Emotet was delivered to victims' computers via infected email attachments, using a variety of different decoys to trick unsuspecting users into opening these malicious attachments. Emotet's email campaigns were also presented as invoices, shipping notices and information about covid-19,” explain the European authorities.

All of these emails contained malicious Word documents, either attached to the email itself or downloadable by clicking on a link within the email.

Once a user opened one of these documents, the malicious code hidden in the Word file would start to run and install the Emotet virus and services on the victim's computer.

Emotet will go down in history as one of the main players in the world of cybercrime and the driver of the most powerful computer viruses in cyberspace, such as TrickBot, QakBot and Ryuk.

But above all, it will be remembered as the computer virus that evaded the authorities of more than eight countries on two continents without any movie-style infrastructure, from a small Ukrainian warehouse.


Source: elparis
