Thursday, December 12, 2024
HomeCyber Security BlogsEmotet’s days are now over, due to Recent Law Enforcement

Emotet’s days are now over, due to Recent Law Enforcement

The law enforcement agencies delivered a malware module earlier in January. This caused all the Emotet, one of the most active spam email botnets to be uninstalled from all the infected devices. This takedown was the result of a coordinated international law enforcement action.

What is happening?

There have been few attempts to takedown the botnets and in this attempt, the law enforcement agencies have delivered a new configuration to the currently active emotet infection. Here the spam botnet would automatically use the C2 servers that are controlled by the Germany’s federal police agency, the Bundeskriminalamt.

  • The new module of emotet is distributed by the law enforcement in the form of a 32bit EmotetLoader.dll to all systems that were infected. This module will uninstall the malware automatically on April 25.
  • This module deletes associated Windows services, auto run registry keys and then subsequently, the process is exited. Everything else on the device that was infected is left intact.
  • The module only stops any additional malware from being installed in the computer via emotet. It does not remove any other malware that was installed already.

Repairing the Damage-

Simultaneously to the takedown, the FBI is also trying to minimize the damage that was caused by this global threat.

  • Around 4.3 million email addresses were shared with Have I Been Pwned site after being identified by the FBI to be harvested by the emotet botnet.
  • The entire database has been handed over to the site service to be able to the impacted users.

Recent takedowns-

  • An attempt was made by the FBI towards removal of the webshells from Microsoft Exchange server infected via ProxyLogon exploits. FBI launched a court-approved and coordinated operation achieve the completion of this task.
  • Microsoft revealed last year about the legal action to disrupt the cybercrime digital network of TrickBot. Still the botnets were detected to be active in March again.

Conclusion-

These takedowns attempts are by the law enforcement is a huge step forward towards stopping of the threats and developments like collaboration among the agencies and the private sector security researchers are always welcome. Still the organization should be careful about the implementation of the security services adequately to be safe from any future threats.

David Scott
David Scott
Digital Marketing Specialist .
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with ssyoutube.com
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us