As the Federal Office for Information Security, BSI for short, informed, a large Emotet infrastructure was smashed. Arne Schönbohm, President of the BSI, explains how we succeeded.
“Together with the police and public prosecutors, an important blow against international cyber crime was struck yesterday, Tuesday. Almost three years ago it was the BSI that called Emotet the 'king of malware'. Since then, we have repeatedly warned of the danger posed by Emotet and pointed out the sometimes considerable consequences for companies, authorities, institutions and, last but not least, for citizens. The list of victims is long: hospitals had to cease their medical operations, courts and city administrations were paralyzed, and countless companies had no access to their important business data and digital processes. Tens of thousands of private individuals' computers were also infected with Emotet, with the result that online banking was manipulated or passwords were spied on.
Delicate blow to international cyber crime
I am all the more pleased that the joint, international action of the authorities, after intensive preparation, has brought the hoped-for success and that this sensitive blow against internationally organized cyber crime has succeeded.
The BSI has started to work well with providers in Germany to inform those affected so that they can clean up their infected computers and laptops. I therefore call on all citizens: If you receive information from your provider about an Emotet infection of your systems, please take it seriously. Clean up your systems! If Emotet has infected your systems, we have to assume that other malware has also succeeded. These need to be tracked down and removed. The BSI provides support for disinfecting your IT with numerous recommendations and checklists, which can be accessed on our website at www.bsi-fuer-buerger.de. "
To the background of the action against Emotet
The Public Prosecutor's Office in Frankfurt am Main - Central Office for Combating Internet Crime (ZIT) - and the Federal Criminal Police Office (BKA) took over and smashed the infrastructure of the Emotet malware as part of an internationally concerted action with international law enforcement authorities. The Federal Office for Information Security (BSI) transmits the public IP address information of the connections concerned that is determined in the course of securing evidence to the network operators in Germany responsible for the respective IP network areas. The BSI forwards international IP addresses to the respective national CERTs. The providers are asked to inform their affected customers about the Emotet infection. The BSI provides information on cleaning up affected systems.
More on this at BSI.bund.de