27 April 2021

Emotet malware mass-uninstalled from infected devices worldwide



Emotet, one of the most dangerous pieces of malware on the threat landscape, was wiped from thousands of computers this week as part of an operation carried out by European law enforcement.

In January, Europol announced that authorities from the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine had taken control of Emotet’s infrastructure and redirected infected computers to law enforcement-controlled infrastructure.

The Ukrainian police's Cyberpolice Department also arrested two individuals suspected of involvement in maintaining the botnet's infrastructure. According to the Ukrainian police, the suspects used the malware to compromise servers of private businesses and government organizations in Europe and the US. As a result of these activities, banks and financial institutions suffered $2.5 billion in losses.

As part of efforts aimed at disrupting Emotet’s operation, law enforcement pushed a new Emotet module, in the form of a 32-bit EmotetLoader.dll, to all infected systems. The module instructed the malware to self-destruct on Sunday, April 25.

Earlier this month, the FBI conducted a successful operation in which it removed web shells from hundreds of hacked Microsoft Exchange servers.
