Security News > 2021 > April > Emotet Malware Destroys Itself From All Infected Computers
Emotet, the notorious email-based Windows malware behind several botnet-driven spam campaigns and ransomware attacks, was automatically wiped from infected computers en masse following a European law enforcement operation.
The development comes three months after a coordinated disruption of Emotet as part of "Operation Ladybird" to seize control of servers used to run and maintain the malware network.
Previously, the Dutch police, which seized two central servers located in the country, said it had deployed a software update to counter the threat posed by Emotet effectively.
"All infected computer systems will automatically retrieve the update there, after which the Emotet infection will be quarantined," the agency noted back in January.
Ch's Feodo Tracker shows none of the Emotet servers are online.
"This means there is a realistic possibility that Emotet's operators will use this opportunity to make the loader malware even more resilient, for example, by using polymorphic techniques to counter future coordinated action. They could also use the Emotet source code to branch off and create smaller, independent botnets."