fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Emotet Botnet Disrupted After Global Takedown Operation

Emotet Botnet Disrupted After Global Takedown Operation

The infrastructure of today’s most dangerous botnet built by cybercriminals using the Emotet malware was taken down following an international coordinated action coordinated by Europol and Eurojust.

The joint effort between law enforcement agencies and authorities from Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada, and Ukraine allowed investigators to take control of the botnet’s servers and disrupt the malware’s operation.

Following a global investigative effort, judicial authorities and law enforcement took down the botnet’s whole infrastructure from the inside after gaining control of its servers earlier this week.

“The infrastructure that was used by EMOTET involved several hundreds of servers located across the world, all of these having different functionalities in order to manage the computers of the infected victims, to spread to new ones, to serve other criminal groups, and to ultimately make the network more resilient against takedown attempts,” Europol explained.

“The infected machines of victims have been redirected towards this law enforcement-controlled infrastructure. This is a unique and new approach to effectively disrupt the activities of the facilitators of cybercrime.”

Also Read: What Do 4 Messaging Apps Get From You? Read The iOS Privacy App Labels

Emotet
Image: Europol

You can check if your e-mail address has been compromised by Emotet and used to deliver malicious emails using this Dutch National Police portal.

This portal will help you search through a database of e-mail addresses, usernames, and passwords stolen by Emotet and found earlier this week by the Dutch National Police during the criminal investigation that led to the botnet’s disruption.

The Ukrainian police’s Cyberpolice Department also arrested two individuals suspected to have been involved in the botnet’s infrastructure maintenance and are facing 12 years in prison if found guilty.

Other members of a cybercrime group that used the infrastructure of the Emotet botnet were also identified during the investigation with measures being taken to detain them.

A video of the arrests made by the Ukrainian police is embedded below.

Today’s largest and most dangerous botnet

The Emotet malware was first spotted as a banking Trojan in 2014 and it has evolved into a botnet used by the TA542 threat group (aka Mummy Spider) to deploy second-stage malware payloads.

Emotet drops QakBot and Trickbot (which in turn deploy both Ryuk and Conti ransomware) trojan payloads on victims’ compromised computers.

“The EMOTET infrastructure essentially acted as a primary door opener for computer systems on a global scale,” Europol added.

“Once this unauthorised access was established, these were sold to other top-level criminal groups to deploy further illicit activities such data theft and extortion through ransomware.”

Following a break of more than a month, the Emotet botnet was revived on December 21sts [12], with Microsoft spotting a campaign delivering “a wide range of lures in massive volumes of emails, the use of fake replies or forwarded emails, password-protected archive attachments.”

Before this short break, Emotet has targeted US state and local governments in potentially targeted campaigns according to an October DHS-CISA advisory.

The highly active Trickbot botnet was also partially and temporarily disrupted following a joint operation in October 2020.

Also Read: Key PDPA Amendments 2019/2020 You Should Know

Update: Added info on arrests made by the Ukrainian police.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us