Serviceteam IT Security News

The threat actors behind the notorious Emotet botnet managed to collect over four million victim email addresses over the past few years, it has emerged.

The news came from Troy Hunt, Microsoft regional director and founder of breach notification site HaveIBeenPwned.

The FBI recently reached out to Hunt to ask if the site could be used as an intermediary to help those concerned they may have been affected to check their emails against the trove.

“In all, 4,324,770 email addresses were provided which span a wide range of countries and domains,” Hunt explained in a new blog post.

“The addresses are actually sourced from two separate corpuses of data obtained by the agencies during the takedown: email credentials stored by Emotet for sending spam via victims’ mail providers; and web credentials harvested from browsers that stored them to expedite subsequent logins.”

Hunt advised any individual who finds that their email address was in Emotet's possession to ensure their anti-malware is up to date, and to change their email account password as well as any passwords and security questions for accounts that might have been stored in their inbox or browser.

“For administrators with affected users, refer to the YARA rules released by DFN Cert, which include rules published by the German BKA,” he added.

Other best-practice security tips also apply, including the use of two-factor authentication where possible, strong unique passwords stored in a password manager, and prompt patching of all OS and software.

Emotet was finally disrupted back in January after action from the FBI and European police. Last Sunday law enforcers delivered an update to the botnet designed to erase the malware from all infected machines globally.

However, with some of the group still at large, experts believe it’s only a matter of time before they come back with an improved version of the malware.

Source: Infosecurity Magazine

