Security News > 2021 > January > Command 'n' control botnet of notorious Emotet Windows ransomware shut down in multinational police raid

Command 'n' control botnet of notorious Emotet Windows ransomware shut down in multinational police raid
2021-01-27 17:13

EU police agency Europol has boasted of taking down the main botnet powering the Emotet trojan-cum-malware dropper, as part of a multinational police operation that included raids on the alleged operators' homes in the Ukraine.

"To severely disrupt the EMOTET infrastructure, law enforcement teamed up together to create an effective operational strategy. It resulted in this week's action whereby law enforcement and judicial authorities gained control of the infrastructure and took it down from the inside," said Europol in a jubilant statement this afternoon.

Emotet is a frustratingly persistent email-delivered malware dropper aimed at Windows machines.

The malware's moneymaking potential hinged on that so-called dropper functionality: the criminals behind Emotet could rent it out to other malware or ransomware gangs.

Europol also said the raids had resulted in innocent victims already infected with Emotet having those infections neutralised through police gaining control of the crims' C2 infrastructure, explaining: "The infected machines of victims have been redirected towards this law enforcement-controlled infrastructure. This is a unique and new approach to effectively disrupt the activities of the facilitators of cybercrime."

Dutch police published an Emotet email address checker so potential victims can check if they were known to have been infected by the nasty.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/01/27/emotet_botnet_taken_down_europol/