Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Destroying a botnet Panda Security
#1
https://www.pandasecurity.com/en/mediace...ack=180715              Destroying a botnet 

    May 24, 2021 2 minute read

We all know what a police raid looks like. Kicking down doors, flash grenades, shouting, noise and chaos as the police lead their suspects away in handcuffs.

At least that’s how TV shows it.

But when police went into action to break up a global cybercrime network, events were quite different.
A truly global botnet

Since 2017, organisations across the world have been falling victim to a string of malware and ransomware attacks launched from a botnet called Emotnet. Over the years, Emotnet was responsible for causing hundreds of millions of dollars worth of damage to businesses targeted by malware.

According to statistics compiled by the FBI, each Emotet incident cost approximately $1 million for the affected organisation. Little surprise that it was described as “one of the top cyber threats in the world.”

Between April 1st 2020 and January 17th 2021, approximately 1.6 million computers were infected by Emotnet worldwide..



US law enforcement cybersecurity specialists analysed the malware to identify where it was being controlled from. It was clear that the botnet was being operated from outside the US, so the FBI made contact with other law enforcement bodies to establish a coordinated response. Officials from Canada, France, Germany, Lithuania, Netherlands, Sweden and the Ukraine joined forces to dismantle the criminals’ network.

Working together, the taskforce was able to take down hundreds of infected web servers that were controlling Emotnet and helping to spread malware. More than 50 countries were involved in smashing the distribution system and taking control of the botnet.

Once they had control of the network, the taskforce turned Emotnet against itself. Where the botnet was used to control infected machines and download new malware, it was used to deliver a new update created by the FBI. Although it could not remove malware, the patch prevents infected computers from connecting to the Emotnet botnet, effectively breaking the hackers’ control.
Emotnet is gone, but there’s still work to do

During the course of the investigation, Dutch police discovered a database containing more than 3.6 million accounts, including e-mail addresses, usernames and passwords that had been stolen by the Emotet botnet. This information will have been used by scammers to commit other crimes like identity theft and fraud.

The Dutch National Police have launched a website where you can check if your accounts have been compromised here. Scroll to the bottom of the page for instructions in English.

It is also important to realise that although the Emotnet botnet has been smashed, affected computers will still be infected with malware. It is absolutely crucial that you check your computer and remove viruses, trojans and other malicious software to protect your personal data.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution mrtrout 0 661 02-04-2024 , 06:49 AM
Last Post: mrtrout
  What is a Botnet? Bitdefender mrtrout 0 606 06-22-2023 , 10:13 PM
Last Post: mrtrout
  Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices mrtrout 0 556 06-22-2023 , 10:05 PM
Last Post: mrtrout
  Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways mrtrout 0 1,015 08-21-2021 , 10:35 PM
Last Post: mrtrout
  New ZHtrap botnet malware deploys honeypots to find more targets Bjyda 0 1,243 03-13-2021 , 12:25 AM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)