Global team disables ‘world’s most dangerous’ malware used by cybercriminals

A global investigations team has disabled the infrastructure of Emotet, which is considered the world’s most dangerous malware capable of stealing passwords and remotely installing malicious software, Germany’s Federal Criminal Police Office said on Wednesday.

The operation was carried out on Tuesday as part of an international campaign with investigators from the Netherlands, Ukraine, Lithuania, France, England, Canada and the United States and coordinated by Europe’s law enforcement authorities, police said in a statement.

Emotet, which can steal passwords and install remotely controlled programs including ransomware, is believed to have been used in a number of organised attacks, including attempts to infiltrate the world’s biggest oil company Saudi Aramco and to manipulate the 2020 US presidential campaign.

In Germany alone, attacks with the Emotet malware on individuals and institutions, including the Berlin Court of Justice, caused damage of at least €14.5 million (US$17.55 million), police said.

Dutch prosecutors said the malware was first discovered in 2014 and “evolved into the go-to solution for cybercriminals over the years. The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale”.

01:40

Chinese PLA officers charged with stealing personal data of Americans in Equifax credit agency hack

Chinese PLA officers charged with stealing personal data of Americans in Equifax credit agency hack

The Dutch prosecutors said two of the main servers for the infrastructure were based in the Netherlands and a third in another undisclosed country. The national prosecutor’s office said the damage caused by Emotet runs into the hundreds of millions of euros.