The activities of the "most dangerous malware in the world" stopped by Europol and the FBI

Anonim

The FBI and Europol, together with a number of other international organizations and agencies, took control of the Emotet botnet infrastructure, which cybercriminals used for various malicious attacks, in particular ransomware attacks.

The FBI and Europol announced the "disconnection" of the most dangerous and widespread botnet in the world. It followed a global law enforcement operation that took about two years to plan.

Europol, the FBI, the UK's National Crime Agency and other organizations were able to take control of the Emotet botnet and stop its activity.

Emotet began to spread in 2014 as a banking trojan, but soon evolved into one of the most powerful forms of malicious software, actively used by the world's leading cybercriminals, including APT groups.

With the help of the Emotet botnet, a backdoor was installed on the victim's Windows system, usually after the victim received a phishing email. In the malicious emails, the attackers distributed compromised Word documents containing malware. The subject and text of the phishing email were designed to win the recipient's trust and get them to open the attached file and enable editing.

Emotet operators are known to have actively leased out a huge number of infected devices to other cybercriminals, who used them as a gateway for further attacks and for deploying malware, including remote access tools (RATs) and ransomware.

The director of the European Cybercrime Centre, Fernando Ruis, said: "Most likely, this is one of the largest operations in terms of the impact on cybercriminals. With a high degree of probability, the Emotet botnet has been completely disabled. We took control of all the infrastructure of the botnet, which consists of several hundred servers worldwide. Infected devices are now under the control of law enforcement agencies, so cybercriminals will no longer be able to use them for cyberattacks.

"Of course, we expect the operation to have a serious negative impact on cybercriminals, because we are removing one of the main droppers in the hacker market. At the same time, we expect that after our intervention in this area there will be a gap that other attackers will try to fill. But in the short term, all this has a positive effect on the sphere of world cybersecurity," said Fernando Ruis.
