One of the most dangerous e-mail spam botnets in recent history, Emotet, has been uninstalled from all infected devices today using a malware module that developed and deployed in January by international law enforcement agencies.
A Department of Justice press release states: “Foreign law enforcement agencies, in cooperation with the FBI, have replaced Emotet malware on servers in their jurisdiction with a file created by law enforcement agencies.”
Europol had previously reported that the German Federal Police Authority, the Federal Criminal Police Office (BKA), was responsible for the creation and deployment of the uninstall module, which ultimately enabled quarantine of the Emotet malware in the affected computer systems.
Emotet was used by the threat group TA542 alias Mummy Spider to deploy second-level payloads of the malware, including QBot and Trickbot, on the compromised computers of its victims. TA542 attacks have usually led to a complete network compromise and the use of ransomware payloads on all infected systems.
For more information, read the original story in Bleeping Computer