1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Investigators shut down 'world's most dangerous' malware

January 27, 2021

Authorities say they are now in control of a cyberattack instrument mainly used by organized crime networks.

A man holds a laptop computer as cyber code is projected on him
The Emotet malware first appeared in 2014 as a so-called TrojanImage: Reuters/K. Pempel

An international team led by German and Dutch investigators brought down the operational network Emotet, described as the world's most destructive malware, Europol announced on Wednesday.

The international law-enforcement agency tweeted the news saying: "Bye-bye botnets. Huge global operation brings down the world's most dangerous malware."

The Emotet infrastructure had been used mainly by organized crime networks, but was taken over after a two-year investigation in eight countries.

How does the malware work?

Emotet has been one of the "most dangerous instruments for cyberattacks" in recent years, a Europol spokesperson said, adding that it had first appeared in 2014 as a so-called trojan. 

"The Emotet infrastructure ... was able to infect entire networks in a unique way just by accessing a few devices," the spokesman said.

The malwareentered a user's system as an innocent-looking Word document, often in an email attachment. 

The virus was hidden inside fake invoices, delivery announcements or false information about COVID-19 — and much like the coronavirus, it would then quickly replicate itself inside the system.

Once inside a system, someone with access to the malware infrastructure could use it to smuggle in their own trojan viruses in order to gain access to bank data, sell stolen data or extort money for blocked data.

ab/aw (AP, dpa)