Security News
Microsoft has had a busy six months, if its latest biannual digital trust report is anything to go by, as law enforcement agencies crept closer to making 25,000 legal requests. Requests for consumer data reached 24,798 during the second half of 2020, up from 24,093 during the previous six-month period, and quite a jump from the 21,781 for the same period in 2019.
A report released Wednesday by security firm Digital Shadows looks at how such an effort was orchestrated to put a seeming end to the infamous Emotet malware. On Jan. 27, the European Union Agency for Law Enforcement Cooperation revealed that a global coalition of law enforcement and judicial authorities across several countries had disrupted Emotet through an endeavor known as "Operation Ladybird."
New research released today provides greater insight into the Emotet module created by law enforcement that will uninstall the malware from infected devices in April. On January 27th, Europol announced that a joint operation between law enforcement agencies from the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada, and Ukraine took control of the Emotet botnet's servers and disrupted the malware's operation.
Following a takedown operation earlier this month, authorities are taking steps towards cleaning up systems infected with the Emotet malware. Serving as a malware loader, Emotet has been associated with the distribution of well-known malware families, including TrickBot and Ryuk ransomware, among others.
Law enforcement authorities in the U.S. and Europe have seized the dark web sites associated with the NetWalker ransomware operations and also charged a Canadian national in relation to the malware. In July, the FBI warned of NetWalker attacks targeting government organizations.
On Tuesday, the European Union Agency for Law Enforcement Cooperation announced that the Emotet botnet has been disrupted as a result of efforts from law enforcement and judicial authorities across several countries. By disrupting Emotet's infrastructure from the inside, the participating bodies were able to redirect the computers of people victimized by Emotet to an infrastructure controlled by law enforcement.
The dark web websites associated with the Netwalker ransomware operation have been seized by law enforcement from the USA and Bulgaria. Netwalker is a Ransomware-as-a-Service operation that began operating in late 2019, where affiliates are enlisted to distribute the ransomware and infect victims in return for a 60-75% share of ransom payments.
Authorities have managed to disrupt the infrastructure of the Emotet botnet, as part of an international effort of law enforcement agencies across Europe and North America. One of the most prevalent botnets over the past decade, Emotet first emerged in 2014 as a banking Trojan, but evolved into a malware downloader used by many cybercriminals looking to spread their malicious payloads.
Law enforcement and judicial authorities worldwide have effected a global takedown of the Emotet botnet, Europol announced today. "The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale. Once this unauthorised access was established, these were sold to other top-level criminal groups to deploy further illicit activities such as data theft and extortion through ransomware. Investigators have now taken control of its infrastructure in an international coordinated action," they explained.