- An “update” pushed out earlier this year by law enforcement agencies, including Europol, on Sunday began erasing Emotet malware from infected devices worldwide.
- The “update” file – a customized DLL file called EmotetLoader.dll – was activated on infected devices to erase the malware.
- The latest move by law enforcement agencies against Emotet infections came after the FBI earlier this month obtained a court order permitting it to remotely remove web shells – scripts that allow remote access – from vulnerable on-premises Microsoft Exchange servers in the U.S.
- After being dormant for several months last year, Emotet reappeared in December 2020 with a new campaign delivering Trickbot malware.
- Described by Europol as one of the most professional and long-lasting cybercrime services, Emotet, originally a banking Trojan, was discovered in 2014; it later evolved into a network access service.
– Prajeet Nair | April 26, 2021