From April 25, 2021, the Emotet malware was automatically removed from all Windows computers. This was done through a cleanup feature that international law enforcement authorities had installed on infected systems as early as January 2021.
Emotet is a malware family of macro-based Trojans that infects email recipients through seemingly authentic emails. When a recipient opens the email attachment, the malware modules load and run.
Emotet has been responsible for many successful ransomware attacks against companies, government agencies and organizations worldwide. Emotet was considered the most dangerous malware in the world and until recently infected a large number of systems of companies, authorities and institutions, in addition to the computers of hundreds of thousands of individuals.
Emotet's so-called "downloader" could infect victims' systems and download additional malware in order to interfere with online banking transactions, copy stored passwords, or encrypt the system for extortion.
With access to Emotet's Command & Control (C&C) servers in January 2021, law enforcement authorities were able to modify the malware's loading feature, install their own modules on the victims' infected systems, and at the same time disable the malware's functions. Since then, victim systems have only been able to communicate with C&C servers controlled by the authorities.
The authorities thus added an uninstall script to the systems, which automatically uninstalled the Emotet malware from infected systems on April 25, 2021. The script deleted all services related to Emotet.