Police smash 'world's most dangerous' cybercrime service

Police around the world team up to infiltrate botnet


International police disrupted the "world's most dangerous" cyber-crime service used to break into computer systems, law enforcement agencies announced on Wednesday.

The illicit service, called Emotet, was operated as a so-called botnet, software that infects a network of computers and allows them to be controlled remotely, Europol and its judicial sister agency Eurojust said.

Police in Britain, Canada, Germany, Lithuania, the Netherlands, Ukraine and the US teamed up to infiltrate Emotet's infrastructure.

"Law enforcement and judicial authorities worldwide this week disrupted one of the most significant botnets of the past decade, Emotet," Europol said.

The network involved several hundred servers around the world that were used to "manage the computers of the infected victims, to spread to new ones, to serve other criminal groups", the agency said.

"Investigators have now taken control of its infrastructure in an international co-ordinated action."

Emotet was offered for hire to other top-level criminals who then used it as a door opener to install other types of malware, making it especially dangerous, Europol said.

This included infamous Trojans that steal bank details and credentials, and ransomware that locks files and systems and holds them for ransom for large sums of money.

Criminals use email attachments to trick unsuspecting victims into opening the emails, which are made to look like invoices, shipping notices and information about Covid-19.

All of these emails contained Word documents attached to the email or downloadable by clicking on a link within.

When a user opened one of these documents, they were prompted to "enable macros" so that the malicious code hidden in the Word file could run and install Emotet malware on a victim's computer.

"Emotet was one of the biggest vectors of corporate infection in ransomware and data theft attacks," Gerome Billois, a Paris cybersecurity expert for the consultancy Wavestone, told AFP.

The police action "shows that it is possible to stop cyber criminals", Mr Billois said.