In January 2021, coordinated by Europol and Eurojust, law enforcement authorities from the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine collaborated on one of the most dramatic ...

Executive Summary This paper investigates a recent Emotet intrusion and details how the final Emotet payload is installed onto the system. The key observations are: Obfuscated Excel macros used to download and ...

Old malware—even strains that have been taken down by law enforcement—never die. Nor do they just fade away; instead, they disappear for a while, regroup and re-emerge. This is exactly what the ...

Security researchers have warned that they have seen a number of malicious email campaigns which pose as communications from the Internal Revenue Service (IRS). The post As tax deadlines approach, Emotet malware ...

Dear blog readers,I've decided to share a recently obtained Emotet botnet C&C server IPs for the purpose of empowering everyone with the necessary technical information on their way to track down and ...

Emotet’s seven-year reign of terror will come to an end Sunday, April 25, 2021 – at least in theory, when law enforcement completes a scheduled mass uninstallation of its infrastructure. A ‘scheduled ...

At the end of January 2021, Emotet, “the world’s most dangerous malware,” was taken down by law enforcement following an extensive effort by a global coalition of agencies across Europe and the ...

Recently, we published a piece highlighting early stage loaders often used in ransomware attacks. One of the most prolific was Emotet, which has since been taken down via a coordinated, multi-national effort ...

Police from eight countries have shut down all three of the Emotet malware’s “epoch” C2 server clusters. Incredible ...

What’s happened? Law enforcement agencies across the globe say that they have dealt a blow against Emotet, described by Interpol as “the world’s most dangerous malware”, by taking control of its infrastructure ...