Meet the white-hat group fighting Emotet, the world’s most dangerous malware


Background image via Guido Bohne (CC-BY-SA-2.0)

For more than a year, a group of security researchers and system administrators have banded together to fight back against Emotet, today’s most active and dangerous malware operation.

By working together, the Cryptolaemus group has seriously hindered Emotet operations. Daily, the group publishes updates on its website and Twitter account. They share so-called indicators of compromise (IOCs). These include IP addresses for Emotet command servers, subject lines used in Emotet spam campaigns, and file hashes for Emotet-infected files.

The Cryptolaemus members share these details so that system and network administrators around the world can import the IOCs into their cyber-security products and protect against possible Emotet infections, or help with early detections before the malware can do extensive damage.

“Personally, I just want to help people and stop this treat,” said Joseph Roosen, one of the…

Read More…