Emotet operated like a 'botnet', a network of hacked computers that made it possible, in particular, to send malicious emails on a very large scale.

ISSOUF SANOGO / AFP

  • Authorities in several countries have taken control of "Emotet", the "world's most dangerous" malware.

  • This software operated as a "botnet", a network of hacked computers that made it possible, in particular, to send malicious emails on a very large scale.

  • "With so many States concerned, this is one of the first operations of this scale", says Catherine Chambon, Deputy Director of the fight against cybercrime at the central directorate of the judicial police.

Authorities in several countries - including the Netherlands, Germany, the United States, the United Kingdom and France - recently took control of Emotet, the "world's most dangerous" malware, the European police agency Europol and the European judicial cooperation unit Eurojust announced on Wednesday.

This action made possible "its demolition from the inside", the two agencies stress.

First detected in 2014, Emotet “was more than just malware”, stressed Europol and Eurojust.

“What made Emotet so dangerous was that this malware was available for hire for other cybercriminals to install other types of malware like banking Trojans or ransomware on a victim's computer.”

"Emotet is a big locksmith who will open doors and allow other criminal organizations to inject malware that will encrypt or exfiltrate data", Catherine Chambon tells 20 Minutes.

"Botnet"

This software, the two organizations based in The Hague (Netherlands) stress, operated as a “botnet”: a network of hacked computers which, in the case of Emotet, notably made it possible to send malicious emails on a very large scale.

These infected machines, adds Catherine Chambon, were used "to carry out major attacks against people or companies which have financial resources to pay ransoms and have an interest in doing so to recover data".

“The mode of malware spread was essentially linked to the distribution of Word documents like false invoices, false information concerning the delivery of a product. The victim was necessarily tempted to open them,” continues the controller general of the national police.

Several dozen computers around the world have been infected in this way.

In France, an Emotet campaign had targeted certain departments of the Ministry of Justice, magistrates and Parisian lawyers in September 2020. An investigation was opened for “attacks against automated data processing systems containing personal data put into effect by the State” and entrusted to the DGSI.

"Difficult to have an idea of the number of victims"

Regarding the malware neutralization operation, France notably participated in the “detection of toxic IPs”, and contributed to “bringing down the infrastructure and preventing it from coming back up”, indicates the deputy director of the fight against cybercrime.

Other investigations are underway on companies that may have been targeted, but "it is difficult to have an idea of the number of victims because they do not systematically file a complaint during this type of attack," says Catherine Chambon.

No arrest has yet been made.

"This is step two of the file," she concludes.
