Emotet: Where are we today?
By the end of January 2021, thanks to international collaboration, the authorities had succeeded in dismantling the infrastructure used by hackers as part of the Emotet organization, one of the largest botnets of zombie machines in the world.
While this has been presented as a major step forward in the fight against cybercrime, experts point out that it may only be a respite for the organizations that had been hit hard.
4 months is the respite that the dismantling could give businesses, because it is very likely that other hackers will take over this lucrative business. And that is without counting the alternative that the gangs behind Emotet could launch.
Let's go back to the beginning of this case. On 27 January, European police cooperation enthusiastically declared that it had succeeded in dismantling one of the world's largest zombie networks. The group behind Emotet is believed to be guilty of thousands of computer attacks around the world. To achieve this, the police authorities cooperating in the case seized, each in their own state, all the servers used by the hackers to control their network of infected machines around the world.
In such a situation, the hackers found themselves disarmed. This situation would be exacerbated by the erasure of all their malware installed on contaminated devices. "It was the most active group, the number 1, so it's definitely going to give us a break," said David Kopp, head of the European threat response team at the security company Trend Micro. However, he is under no illusions. He knows the work is not yet finished: "Certainly the operations will be stopped for a while… and it is certain that others will resume the same type of operations by the end of the year. This environment works like that of drug dealers: when the police dismantle one network, another will take its place."
The situation, it must be admitted, is quite disturbing for many computer security specialists. Their role finds its meaning in protecting against computer attacks, while their opponents find theirs in carrying out those attacks, which pays much more. Recently, a Russian hacker confided in an exchange that he had decided to become a hacker because he earns much more than he would as a computer security professional. However, he mentioned that if he could earn much more as a cybersecurity specialist, he was sure he would change jobs.
From a practical point of view, we know that cybersecurity and cybercrime are both very important markets for their players. For hackers, their activities have become like normal work: an activity like any other, with remuneration that corresponds to the effort made. For them, selling computer data or extorting money from Internet users is a market like any other, and one that is becoming more and more attractive. Indeed, hackers are constantly raising more and more money. With what they earn from their various attempts, they are able to recruit better hackers, more so than the security companies themselves. They are also able to equip themselves with state-of-the-art equipment, not only to remain competitive and efficient, because at this level there is also competition, but also to expand their activities as a company would.
"The dismantling of Emotet's infrastructure can be compared to the shutdown of a normal company's production line. Cybercriminals will have to deal with the issue of resilience, and face the same issues that their victims face," says Kopp. To some extent, it is safe to say that the operators behind Emotet held an excellent position in this business. They were considered the number one. The key question facing security specialists at the moment is whether the operators will be able to restart their business after such a hit, or whether another competitor will take advantage of the situation to expand its influence. According to David Kopp: "Even if the infrastructure has fallen, if cybercriminals are not stopped, they will simply deport themselves to another infrastructure." However, on the issue of the arrest of members of this group, Europol has not disclosed enough information.