Ukrainian cyberpolice dismantle international hacking scheme

Ukrainian cyberpolice helped dismantle an international hacking system from Ukraine called Emotet, responsible for European and American banks losing $2.5 billion since 2014, Ukrainian authorities announced on Jan. 27. 

Law enforcement seized server equipment, computer equipment as well as bank cards, money, and sensitive data in Kharkiv, Ukraine’s second-largest city with 1.4 million residents and located 500 kilometers east of Kyiv, and in Kharkiv Oblast.

Investigators said they learned the identities of two Ukrainians involved in the network, a collection of internet-connected devices infected by malware that allows hackers to control them.

Authorities didn’t say if suspects were arrested but claimed: “measures are being taken to detain them.”

According to Serhiy Kropyva, first deputy chief of Ukraine’s cyber police department, Ukrainian authorities led the investigation.

“Ukrainian law enforcement officers are the locomotive of the operation, and Europol and Eurojust play the role of coordinators,” he said in the press release.

Still, Ukrainian law enforcement joined forces with the Netherlands, France, Canada, Germany, the U.S. and Lithuania to crack down on Emotet, dubbed the “world’s most dangerous malware” by the European security agency Europol.

The authorities gained control of the infrastructure and took it down from the inside, redirecting infected machines towards a law enforcement-controlled infrastructure.

Emotet emerged in Ukraine in 2014. Since then, the network has helped hackers around the world disrupt private and state banking institutions of the U.S., Great Britain, Germany, Austria, Switzerland, the Netherlands and Lithuania.

The malware was spread through spam or an innocent-looking Word document, often in an email attachment.

Once inside a system, someone with access to the malware infrastructure could use it to smuggle in their own trojan viruses in order to gain access to bank data, sell stolen data or extort money for blocked data.

Law enforcement completely disabled the network, which operated on 90 servers in Europe and the U.S. In Ukraine, once caught, the perpetrators face up to twelve years in prison with confiscation of property.