The world's most dangerous malware, Emotet, is back


The dangerous Emotet malware – which attacks via a bogus email – is spreading around the web, warn security experts. — dpa

Not long ago, there was a piece of malware spreading across the globe wreaking havoc on the computer systems of governments, major companies, hospitals and everyday users.

Emotet would infect your computer by arriving as an email that looked legitimate. Once on your computer, it could do any number of malicious things, such as finding out your online banking password or encrypting all your files and demanding money to get them back.

It would then often go on to read your address book and start sending out bogus emails that seem to come from you, spreading the infection to even more computers.

But in January of this year, authorities gave the all clear.

Europol, the EU's police service, announced that the infrastructure of the "world's most dangerous malware" – used mainly by organised crime groups – had been brought under control.

Investigators from eight countries were involved in the operation, which lasted more than two years. Indeed, no further Emotet incidents became known afterwards.

Then on Sunday evening, the systems of one team of security analysts registered a malware called TrickBot, which in turn loaded another malware.

This was confirmed to be Emotet.

Experts from other security companies also confirmed the analysis of IT security company G Data.

Almost a year after the major attack from the extremely dangerous malware was declared over, the security experts are now warning that Emotet is back.

"Smells like Emotet, looks like Emotet, behaves like Emotet – seems to be Emotet," is the conclusion of cybersecurity experts from G Data in a November 15 report called "Guess Who's Back?" The German company had been supporting authorities with technical analyses.

Security experts first became aware of Emotet in 2014, when it began infecting systems around the world as a trojan.

"The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale," Europol said, describing how it worked.

The malware is thought to have infected the IT systems of various companies, governments and institutions. In Germany alone, the malware was found on tens of thousands of private computers.

The malware typically used a Word document, often disguised as a harmless attachment to an email or even as a link, to break into a person's computer.

As soon as access was gained, it was sold to cybercriminals. These in turn were able to smuggle in their own trojans or ransomware in order to gain access to bank data, resell captured data or extort a ransom for blocked files.

The malware was hidden in fake invoices, delivery notices or would-be information about Covid-19, but when the user clicked on the link or opened the attachment, the malware installed itself and spread rapidly.

Ruediger Trost, an expert at the cybersecurity company F-Secure, said the challenges for companies don't structurally change with this latest emergence of Emotet. "But the level of cybersecurity risk for companies increases when this malware family reappears in greater numbers."

What should you do if you think Emotet or a similar malware is installed on your computer? Experts say you should immediately change all the passwords stored on the infected computer, such as those saved within browsers.

You should then reinstall the operating system to wipe out all traces of the malware. – dpa
