Law enforcement authorities across several countries have taken down a network of what they describe as the “world’s most dangerous malware.”
The malware, Emotet, gained access to users’ computers through infected email attachments, including documents purporting to be “invoices, shipping notices and information about COVID-19,” European police agency Europol, which coordinated the effort, said in a statement.
“The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale,” Europol said. “Once this unauthorized access was established, these were sold to other top-level criminal groups to deploy further illicit activities such as data theft and extortion.”
The global effort to disrupt and take control of the compromised network, known as a botnet, was carried out jointly by eight countries, including the United States, the United Kingdom, Canada, Germany and the Netherlands. The network consisted of several hundred servers across the world, Europol said.
An investigation by Dutch police yielded a database of email addresses, passwords and usernames that were compromised by Emotet.
The malware saw a resurgence last year, according to the US Cybersecurity and Infrastructure Security Agency (CISA), which described “a significant increase in malicious cyber actors targeting state and local governments” with Emotet phishing emails. “This increase has rendered Emotet one of the most prevalent ongoing threats,” CISA added.
Europol urged internet users to update the antivirus tools on their devices and exercise greater caution to avoid falling prey to malware attacks. “Users should carefully check their email and avoid opening messages and especially attachments from unknown senders,” it said. “If a message seems too good to be true, it likely is and emails that implore a sense of urgency should be avoided at all costs.”