Home / Early Warning / Cybersecurity Highlights / An International collaboration disrupts Emotet botnet

An International collaboration disrupts Emotet botnet


Europol has issued a statement informing that the botnet, EMOTET, has been disrupted following an international operation, coordinated by Europol and Eurojust, involving law enforcement and judicial authorities from the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine.

The operation, carried out within the framework of the European Multidisciplinary Platform Against Criminal Threats (EMPACT), has enabled authorities to take control of their entire infrastructure of hundreds of servers located around the world, following a strategy of redirecting infected machines to an infrastructure controlled by law enforcement.

EMOTET has been one of the most enduring and professional cybercrime services, with features well described in INCIBE-CERT blog.

On the other hand, a database containing email addresses, usernames and passwords stolen by EMOTET has been found.

A global strategy is currently being followed to inform affected people and to clean infected systems through the Computer Emergency Response Teams (CERTs). In addition, an investigation is ongoing to find responsible ones for managing the botnet.