As of April 25, 2021, the Emotet malware has been automatically removed from all Windows computers. The removal was carried out by a cleanup routine that international law enforcement had installed on infected systems as early as January 2021.
Emotet is a family of malware that uses macros to infect email recipients with Trojans through seemingly authentic emails. When a recipient opens the email attachment, the malware modules load and run.
Emotet has been responsible for many successful ransomware attacks against companies, government agencies and organizations worldwide. Emotet was considered the most dangerous malware in the world and until recently it infected a large number of systems of companies, authorities and institutions, in addition to the computers of hundreds of thousands of individuals.
Emotet's so-called "downloader" could infect victim systems and download additional malware to intercept online banking, copy stored passwords, or encrypt the system for extortion.
After gaining access to Emotet's command-and-control (C&C) servers in January 2021, law enforcement authorities were able to modify the malware's loading feature, install their own software on the victims' infected systems, and at the same time disable the malware's functions. Since then, victim systems have only been able to communicate with C&C servers under law enforcement control.
The authorities then added an uninstall script to the infected systems that automatically removed the Emotet malware on April 25, 2021. The script deleted all services related to Emotet.