
Resurrected from the dead: infamous criminal virus on the rise

One of the most dangerous cybercriminal networks ever was shut down early this year, but it has been active again and on the rise since last week. Experts fear that the resurrection of ‘Emotet’ will cause a significant global increase in phishing emails and digital break-ins. Investigative services are monitoring developments.




Until a year ago, the infamous and very successful virus Emotet was responsible for a significant part of all malicious infections of computers worldwide. Cybercriminals delivered the virus by e-mail to 100,000 mailboxes daily via hundreds of servers. Ultimately, they were able to hack into a million computers owned by companies and individuals each year. The multi-faceted virus stole banking information from those computers and created access to networks on which criminals could distribute ransomware.

The criminal virus was responsible for about 30 percent of all phishing emails worldwide. In January, the Dutch police played an important role in shutting down the botnet. After all, the malicious program was controlled from two servers in the Netherlands. But now Emotet is back and on the rise again.

‘Potentially hundreds of thousands of victims’

Ten months after law enforcement shut down Emotet, cyber experts saw the virus resurface last week. “Bad news,” says Dave Maasland of cybersecurity company ESET Netherlands. He calls Emotet ‘the ideal back door for cybercriminals’ and considers it ‘a serious threat to businesses and consumers’.

The virus spreads like wildfire through a victim’s email contacts. “This could potentially lead to hundreds of thousands of victims of all sorts of digital crimes with ransomware being the biggest problem.”

At the beginning of this year, Europol succeeded in taking down the large network of cyber criminals. © ANP


Impact

In January it was still considered an unprecedented success: Europol, the Team High Tech Crime of the Dutch police, and police services from the US and the United Kingdom, among others, were able to disable about seven hundred Emotet servers, including two crucial ones in the Netherlands. A number of cyber criminals were arrested.

The impact was immense: the number of digital infections worldwide fell by more than 40 percent after the campaign.

‘Preparation’

“Emotet doesn’t really have the large scale of that time, but we are seeing the preparations,” explains Frank de Korte of cybersecurity company Northwave. The booming cyber-gang Conti now seems to be in control. “It has the potential to become a very big problem again.”

It appears that Conti is now spreading the virus through an already existing criminal server network. De Korte: “Because they are now using existing infrastructure, things can go fast.” According to De Korte, various investigative services, including the Dutch police and the FBI, are closely monitoring the situation.

Emotet?

Emotet has been one of the “most dangerous cyber-attacks in recent years,” a Europol spokesperson explained at the time of the operation in January. The program saw the light of day in 2014 as a Trojan horse. People’s computers were broken into by means of a Word document or a link attached to an e-mail.

Other criminals paid for the access that allowed them to unleash their own Trojans on the computers to get bank details or other data. The malware was hidden in forged invoices, receipts or false information about the coronavirus. If the user clicked on the link or opened the attachment, the malware could install and spread at lightning speed.

