It took a global effort to take down the 'world's most dangerous' malware botnet

(Image credit: Pixabay (Elchinator))
Audio player loading…

Perhaps there will be far fewer ransomware attacks this year than in previous ones, or maybe that is being way too optimistic. Either way, global law enforcement officials have taken control "one of the most significant botnets of the past decade," called Emotet.

Described as "one of the most professional and long lasting cybercrime services out there," Emotet began as specialized piece of malware designed to steal banking information. That was back in 2014. Since then, it has "evolved into the go-to solution for cybercrimals," according to the European Union Agency for Law Enforcement (also known as Europol).

See more

"The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale. Once this unauthorized access was established, these were sold to other top-level criminal groups to deploy further illicit activities such data theft and extortion through ransomware," Europol says (opens in new tab).

Like many forms of malware, Emotet primarily spread through infected email attachments. These attachments masqueraded as invoices, shipping notices, and more recently, information about Covid-19 (opens in new tab), in attempts to trick unwitting recipients into opening them.

"Emotet was much more than just a malware. What made Emotet so dangerous is that the malware was offered for hire to other cybercriminals to install other types of malware, such as banking Trojans or ransomwares, onto a victim’s computer," Europol explains.

Stream machine

(Image credit: Rode, Samson, Blue)

Best microphone for gaming (opens in new tab): make sure you're heard
Best webcams (opens in new tab): be seen while you get your stream on
Best capture cards (opens in new tab): lessen the load with a dedicated card

One thing that made Emotet so dangerous is that it was polymorphic, meaning the malware code was always changing. This is done to evade detection by antivirus programs.

In addition, hundreds of servers around the world comprised the Emotet botnet, all with different capabilities to spread malware. It also proved difficult to take down. This prompted law enforcement officials from around the world to band together, and ultimately cut it off at the knees from the inside.

"The infected machines of victims have been redirected towards this law enforcement-controlled infrastructure.  This is a unique and new approach to effectively disrupt the activities of the facilitators of cybercrime," Europol says.

Emotet is now benign, though technically the botnet still exists, at least for now—according to Malwarebytes (opens in new tab), it will be dismantled on April 25.

Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).