{"id":3856,"date":"2024-06-03T14:48:34","date_gmt":"2024-06-03T19:48:34","guid":{"rendered":"https:\/\/www.darkreading.com\/cybersecurity-operations\/europols-hunt-begins-for-emotet-malware-mastermind"},"modified":"2024-06-03T14:48:34","modified_gmt":"2024-06-03T19:48:34","slug":"europols-hunt-begins-for-emotet-malware-mastermind","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/06\/03\/europols-hunt-begins-for-emotet-malware-mastermind\/","title":{"rendered":"Europol’s Hunt Begins for Emotet Malware Mastermind"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

After a spectacular botnet takedown just a few days ago, Operation Endgame, an international cybersecurity law enforcement cooperative, has now trained its focus on the individual threat actors behind the botnets.<\/span><\/p>\n

Late last month, Operation Endgame <\/span>dismantled dropper botnet infrastructure<\/a><\/span> that supported initial-access Trojan malware strains, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and <\/span>Trickbot<\/a><\/span>, in a sweeping action. Now, Operation Endgame is going after the individual hackers behind the botnets.<\/span><\/p>\n

Eight Russian nationals have been added to the list of Europe’s most wanted fugitives for their roles behind <\/span>developing the botnets<\/a><\/span>, including Smokeloader and, most notably, TrickBot. The alleged <\/span>cybercriminals are named<\/a><\/span> and their photos have been shared among global law enforcement agencies.<\/span><\/p>\n

Not yet identified, and of keen interest to cyber law enforcement, is the identity of the developer behind the once formidable <\/span>Emotet malware as a service<\/a><\/span>, who has been code-named “Odd.”<\/span><\/p>\n

The Odd threat actor has gone by various online handles, according to Operation Endgame and, after <\/span>Emotet’s 2021 takedown<\/a><\/span> and one subsequent <\/span>failed attempt to reemerge<\/a><\/span>, has been able to evade law enforcement.<\/span><\/p>\n

“Who is Odd?” <\/span>Operation Endgame’s video<\/a><\/span> calling for information about the hacker appeals to viewers: “Please get in touch with us and let us know.”<\/span><\/p>\n

Operation Endgame, led by Europol, is focused on letting adversaries know they are being tracked and that they should consider switching sides.<\/span><\/p>\n

“We have been investigating you and your criminal undertakings for a long time and we will not stop here,” <\/span>Operation Endgame’s site<\/a><\/span> warns cybercriminals. “Feel free to get in touch, you might need us. Surely, we could both benefit from an openhearted dialogue.”<\/span><\/p>\n

Operation Endgame’s refrain, “Think about (y)our next move,” reinforces the crackdown pledge.<\/span><\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

After a spectacular botnet takedown just a few days ago,<\/p>\n","protected":false},"author":12,"featured_media":3857,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-3856","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=943%2C463&ssl=1",943,463,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=300%2C147&ssl=1",300,147,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=640%2C314&ssl=1",640,314,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=640%2C314&ssl=1",640,314,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=943%2C463&ssl=1",943,463,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=943%2C463&ssl=1",943,463,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=943%2C463&ssl=1",943,463,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?resize=825%2C463&ssl=1",825,463,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/europols-hunt-begins-for-emotet-malware-mastermind.png?fit=943%2C463&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3856","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=3856"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3856\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/3857"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=3856"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=3856"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=3856"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}