Security News > 2021 > January > Europol: Emotet malware will uninstall itself on April 25th
Law enforcement has started to distribute an Emotet module to infected devices that will uninstall the malware on April 25th, 2021.
Today, Europol announced the disruption of the infamous Emotet email spamming botnet used to distribute malicious Word spam attachments that install malware such as TrickBot and Qbot.
After today's Emotet announcement, a security researcher known as Milkream discovered that Emotet had begun to push down a new module to infected devices.
This module will uninstall the Emotet malware from infected devices on April 25th, 2021, at 12:00.
"Foreign law enforcement, working in collaboration with the FBI, replaced Emotet malware on servers located in their jurisdiction with a file created by law enforcement, according to the affidavit. This was done with the intent that computers in the United States and elsewhere that were infected by the Emotet malware would download the law enforcement file during an already-programmed Emotet update."
"The law enforcement file prevents the administrators of the Emotet botnet from further communicating with infected computers. The law enforcement file does not remediate other malware that was already installed on the infected computer through Emotet; instead, it is designed to prevent additional malware from being installed on the infected computer by untethering the victim computer from the botnet," states a Department of Justice press release.