Europol coordinated a joint operation against Emotet, a multinational effort called “Operation Ladybird”. Police in Ukraine, Lithuania, the US, the United Kingdom, the Netherlands, Germany, France and Canada were involved. It seems that the authorities managed to take down the infrastructure that hackers used for the Emotet malware.
Europol have taken control
According to Europol, the infrastructure of the “world’s most dangerous malware” is now under their control. That control covers several hundred servers around the world.
The machines used by hackers are now redirected to infrastructure that the authorities control.
Ukrainian police posted a video showing the arrests they made and the cash, gold and IT infrastructure they confiscated.
Dutch police also mentioned that three main control servers of the network were in the Netherlands.
Emotet generated $2.5 billion in losses
Serhiy Kropyva, first deputy officer of Ukraine’s cyber police department, estimated the losses due to Emotet at $2.5 billion. The attacks targeted both public and private entities in Europe and the U.S.
The complex Emotet malware infected victims by email. To do that, the messages contained malicious download links, Microsoft Word document macros, and PDF files.
Hackers may face up to 12 years in prison for their actions.
Although it started as a banking trojan in 2014, Emotet became a loader for other types of malware, such as Trickbot and Ryuk. Other cyber criminals also hired Emotet to install ransomware and info-stealers on their victims’ computers.
Team Cymru has been tracking Emotet’s activity. After Interpol’s operation, they mentioned that the number of malware controllers dropped to zero almost immediately. This serves as proof for Europol that the action was successful.
Afterwards, the Dutch police announced that they had set up a database where users can check whether their computers were infected with Emotet.