Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Operation Ladybird. Show all posts

Emotet - 'Most Dangerous Malware in the World' Disrupted by the Law Enforcement Agencies

 

The European Union Agency for Law Enforcement announced that a global collaboration of law enforcement agencies had disrupted Emotet, what it called the ‘most dangerous malware in the world’.

‘Operation ladybird’ was conducted via a collaboration of private security experts with global law enforcement agencies to disrupt Emotet and take charge of Emotet’s command-and-control infrastructure. While conducting the raid Ukrainian police arrested at least two Ukrainian citizens working for the cybercriminal group.

Ukrainian law enforcement published a video showing officers seizing cash, computer equipment, and rows of gold bars. Neither Europol nor the Ukrainian police has shared the details regarding threat actors or their asserted role in the Emotet group. Ukrainian authorities released a statement explaining that “other members of an international hacker group who used the infrastructure of the Emotet bot network to conduct cyberattacks have also been identified. Measures are being taken to detain them”.

Europol stated that “the Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale”. A malware globally known as Emotet has jeopardized the free-flowing working of the Internet and has grown into one of the biggest botnets across the globe and ruining organizations with data theft and ransomware.

In 2014, Emotet was initially known as a banking trojan, the malware gradually evolved into a powerful weapon used by threat actors across the globe to secure unauthorized access to computer systems. Emotet’s designers known as APT group TA542 shared the malware with other threat actors who used malware to install banking trojans or ransomware, onto a victim’s computer system.

Interpol stated that “the infrastructure that was used by Emotet involved several hundreds of servers located across the world, all of these having different functionalities to manage the computers of the infected victims, to spread to new ones, to serve other criminal groups, and to ultimately make the network more resilient against takedown attempts”.