display
Den Haag / Wiesbaden (dpa) - According to their own statements, an international group of investigators has rendered the criminal software "Emotet" harmless.
The police authority Europol announced in The Hague that the global infrastructure on several hundred computers had first been brought under control and then destroyed.
The operation lasted more than two years.
It was carried out under German and Dutch leadership with investigators from eight countries.
The operation was coordinated by Europol and Eurojust.
With reference to ongoing investigations, Europol did not comment on possible arrests.
The "Emotet" software was used by criminals for so-called cyber attacks.
Hidden in an inconspicuous Word document, often disguised as a seemingly harmless attachment to an e-mail or as a link, it broke into computer networks and opened up the possibility of copying or blocking sensitive data.
The perpetrators blackmailed companies and authorities.
Many private computer users also fell into the Emotet trap.
display
In Germany alone, the Federal Criminal Police Office (BKA) in Wiesbaden recorded damage of 14.5 million euros.
Affected were, for example, the Berlin Court of Justice, the Frankfurt am Main city administration and the Fürth Clinic.
The Ukrainian public prosecutor said in Kiev that several people had been arrested there.
The total damage in the countries hit was put at 2.5 billion US dollars, the equivalent of around 2.1 billion euros.
In Germany, 17 servers were confiscated, as the BKA announced.
The investigators spoke of "a significant blow against internationally organized Internet crime and at the same time a significant improvement in cybersecurity in Germany".
display
Emotet was one of the “most dangerous instruments for cyber attacks” in recent years, said a Europol spokeswoman.
It first appeared in 2014 as a so-called Trojan, malware that disguises itself as a useful file.
"The Emotet infrastructure basically worked like a first door opener in computer systems on a global level," said the authority.
"The system was able to infect entire networks in a unique way just by accessing a few devices."
As soon as the illegal access was successful, it was sold to cyber criminals.
These could in turn smuggle in their own Trojans, for example to gain access to bank data, to sell stolen data or to extort a ransom for blocked data.
The malware was hidden in fake invoices, delivery announcements or alleged information about Covid-19.
But if the user clicked on the link provided or opened the attachment, the malware installed itself and spread very quickly.
About the smashing of the Emotet infrastructure, Arne Schönbohm, President of the BSI (Federal Office for Information Security) said in Bonn: “Almost three years ago it was the BSI that called Emotet the“ king of malware ”.
Since then we have repeatedly warned of the threat posed by Emotet and pointed out the sometimes considerable consequences for companies, authorities, institutions and not least for the citizens.
Tens of thousands of private individuals' computers were infected with Emotet, with the result that online banking was manipulated or passwords were spied on.
The BSI has started to inform the affected users together with providers in Germany so that they can clean up their infected computers and laptops.
display
© dpa-infocom, dpa: 210127-99-194187 / 4
Europol