With the takedown of the powerful Emotet Trojan, the cybersecurity domain has started the year on a great note. The operation that ran for two whole years finally tasted success with a coordinated effort from law enforcement agencies and security professionals from across the world. However, there is still tension brewing in the air.
- Up to December 2020, Emotet held the dubious distinction of being the world’s most popular malware, affecting 7% of organizations.
- Due to its popularity, it made for an attractive vector for attackers looking to deploy a variety of malware, including ransomware.
- With the help of the malware, cybercriminals were also able to expand their infection base by sending spam as a botnet or collecting credentials in phishing attacks.
- More than 1.6 million machines were infected by Emotet and it had caused hundreds of millions of dollars in damage by the time law enforcement intervened.
A breather with the takedown
- Last year, 78% of the overall loader volume contribution came from Emotet along with Trickbot and ZLoader.
- After the takedown, however, a drastic drop in activity has been observed since January 26, 2021.
Is this a short-lived relief?
- Uncertainty remains about a comeback of Emotet, even though the takedown operation was no herculean task.
- The tech giant, Microsoft, has also warned all of its customers against letting their guard down even after Emotet’s disruption.
- Telemetry collected by Microsoft showed that the trojan was very active just before the takedown, launching massive campaigns every week. Emotet, however, still remains a big security threat for organizations, given its reach and its role in the deployment of payloads.
- It is also likely that its operators are already planning a return with more catastrophic attacks.
At least for the moment, the takedown has disrupted the global operations of Emotet. The takedown comes as mighty good news for those fearing being infected with Emotet. The operation also gave law enforcement agencies a window into the operational world of the Trojan, which may contribute to long-lasting efforts to eliminate the botnet in case it resurfaces. Sadly, Emotet’s absence may prove beneficial for other trojan families.
To read more, please check eScan Blog