Police in six European countries have helped dismantle “Emotet’, a global criminal hacking scheme.
Law enforcement authorities in France, Germany, Lithuania, the Netherlands, Ukraine and the United Kingdom were involved in the major operation to uncover the network. Police in Canada and the United States, as well as Europol, were also involved.
The scheme had stolen data from banks in the US and several European countries, causing an estimated $2.5 billion (nearly €2.1 billion) in damage.
“Emotet was currently considered the most dangerous malware worldwide,” Germany’s BKA federal police agency said in a statement, adding that the network had “infected a large number of IT systems of companies, authorities and institutions” in the country.
Emotet is used by cybercriminals to gain access to a victim’s computer before then downloading additional malicious software to manipulate online banking accounts or encrypt and lock a computer for blackmail.
Security experts say Emotet’s operators often sell access to victims’ computers to other hackers.
“Emotet’s criminal business model can be described as ‘malware-as-a-service,'” said the BKA. “It offered further criminals the basis for targeted cyber attacks.”
In Germany alone, infections with the Emotet malware caused at least €14.5 million in damage.
“The dismantling of the Emotet infrastructure represents a significant blow against internationally organised cybercrime and, at the same time, a major improvement in cybersecurity in Germany,” the authority stated.
Investigations into Emotet over suspected commercial computer fraud and other criminal offences had begun in August 2018.
Ukraine’s General Prosecutor said police had carried out raids in the eastern city of Kharkiv to seize computers used by the hackers.
Ukraine says the network had used malicious software to steal personal data including passwords, logins and payment data from private and state banks in the UK, Germany, Austria, Switzerland, the Netherlands, Lithuania and the US.
“During the searches, computer and server equipment was found and confiscated”, the prosecutor added in a statement. Images released by the authorities also showed a number of bank cards and a large quantity of money.
No suspects have been named in the investigation.
“Evidence is currently being gathered to report the suspicion of a number of people involved in criminal offences,” Ukrainian authorities said.