ZD Tech: Emotet, what is it?


Hello everyone and welcome to ZD Tech, the daily podcast from the ZDNet.fr editorial staff. My name is Louis Adam, and today I will explain what Emotet is: one of the most formidable botnets of recent years.

First of all, let's start at the beginning: Emotet is both the name of a piece of malware and the name of a botnet, a network of computers infected by that software. If the concept is not familiar to you, I refer you to a previous episode of ZD Tech devoted to botnets for more details.

1.6 million computers infected

But originally, Emotet was designed for very different purposes. When it first appeared in 2014, Emotet was banking malware. It infected computers to steal their login credentials for online banking sites, so that cybercriminals could siphon money from victims' accounts.

But over the years, the creators of this software evolved its functionality until they had completely transformed it. In 2017, the way Emotet worked changed, turning it into a modular Trojan horse with significant propagation capabilities.

The modular nature of Emotet allows it to evolve quickly. Its capabilities have allowed it to infect just over 1.6 million computers worldwide, making Emotet one of the largest botnets.

Cryptolaemus vs. Emotet

Since 2017, the main objective of Emotet has been to build a network of computers in order to rent access to the infected machines to other cybercriminal groups. Emotet is then used to spread other malware, such as ransomware.

Inevitably, such activity does not go unnoticed by security researchers or law enforcement.

In the computer security community, the informal group Cryptolaemus brings together researchers who catalogue and track the evolution of this monstrous botnet. On the police side, efforts to put an end to the network's activities have multiplied.

A new Emotet

In January 2021, it was even believed that the final blow had been struck.

A massive police operation in Europe saw law enforcement take control of the botnet's command servers and push out an update designed to disinfect Emotet-controlled devices.

Unfortunately, mass disinfection of machines is not enough. While the servers were indeed seized, only two arrests were announced, in Ukraine, and those were clearly not the masterminds: less than a year after the dismantling was announced, a new version of Emotet appeared on the network.

The takedown was not wasted effort: this new version of the malware has to start again from scratch. But Emotet seems set to keep worrying computer security officials and cyber police for some time to come.
