A global investigations team has disabled the infrastructure of Emotet, which is considered the world’s most dangerous malware capable of stealing passwords and remotely installing malicious software, Germany’s Federal Criminal Police Office said on Wednesday.

The operation was carried out on Tuesday as part of an international campaign with investigators from the Netherlands, Ukraine, Lithuania, France, England, Canada and the United States and coordinated by Europe’s law enforcement authorities, police said in a statement.

Emotet, which can steal passwords and install remotely controlled programs including ransomware, is believed to have been used in a number of organised attacks, including attempts to infiltrate the world’s biggest oil company Saudi Aramco and to manipulate the 2020 US presidential campaign.

In Germany alone, attacks with the Emotet malware on individuals and institutions, including the Berlin Court of Justice, caused damage of at least €14.5 million (US$17.55 million), police said.

Dutch prosecutors said the malware was first discovered in 2014 and “evolved into the go-to solution for cybercriminals over the years. The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale”.

The Dutch prosecutors said two of the main servers for the infrastructure were based in the Netherlands and a third in another undisclosed country. The national prosecutor’s office said the damage caused by Emotet runs into the hundreds of millions of euros.

The malicious software was delivered to computers in infected email attachments containing Word documents. “A variety of different lures were used to trick unsuspecting users into opening these malicious attachments,” Dutch prosecutors said in a statement.
“In the past, Emotet email campaigns have also been presented as invoices, shipping notices and information about Covid-19.”

Europol said law enforcement agencies teamed up to take down the criminal infrastructure from the inside. “The infected machines of victims have been redirected towards this law enforcement-controlled infrastructure,” the agency said. “This is a unique and new approach to effectively disrupt the activities of the facilitators of cybercrime.”

The operation was not the first time that cybercrime fighters have infiltrated illicit computer operations. In 2017, police shut down the world’s leading “darknet” marketplace – then Dutch police quietly seized a second bazaar to amass intelligence on illicit drug merchants and buyers.