Described by Europol as “one of most significant botnets of the past decade,” Emotet left a trail of destruction in its wake as it rampaged across the world. Here’s everything you need to know about this devastating malware.

Spread by spam emails, Emotet’s goal was to compromise devices and networks and sell back-door access to anyone.

Emotet was much more than just malware. The cybercriminals behind it behaved like a commercial business, offering their weapon for hire to other cybercriminals. This allowed these third parties to install all kinds of malicious software – like banking trojans, ransomware, botnets and cryptocurrency miners – onto their victims’ networks.

The scale of the damage.

With an estimated clean up cost of $1m per attack, the US Department of Homeland Security concluded Emotet had enormous destructive power. Germany’s Federal Office for Information Security called Emotet the “king of malware.”

There’s no question Emotet is one of the most complex and dangerous malware ever. It left a trail of expensive attacks in its wake, partly because it’s polymorphic, which means its code changes a little bit every time it’s accessed. This made it almost impossible for antivirus software to defeat.

Like their code, the cybercriminals behind Emotet were constantly on the move. Because of this dynamic and nebulous strategy, a coordinated effort by eight law enforcement agencies was needed to finally take Emotet down.

The victims of Emotet.

After being infected with Emotet, German hospital Fuerstenfeldbruck shut down almost 500 computers and had to resort to paper based documentation in the rescue control center to control the infection. Unconfirmed reports claimed this led to lives being put in danger, the attack was considered by many to be the lowest point of Emotet’s regime of destruction.

In 2019, the Berlin Court of Appeal and the University of Giessen were attacked and suffered major disruption. The Medical University of Hannover and the city administration of Frankfurt am Main also fell victim to Emotet, with countless other organisations likely to have been attacked.

The king of malware.

Nobody truly knows who is behind Emotet. As you’ll see in hacker:HUNTER, the group was eventually traced to Ukraine but speculation remains that those arrested were not the only perpetrators and that Emotet could morph and rise again to cause carnage around the world.

Watch the episode now and see the full story for yourself.