Emocrash killswitch enabled mitigation of Emotet

A researcher developed what is effectively a vaccine for the Emotet malware, which will protect systems from the malware for 6 months. The botnet was first detected in 2014 and quickly grew in scale, stealing credential data and downloading more vicious malware and ransomware onto the device. It was briefly inactive from February to August.

Binary Defense’s James Quinn finally announced the truth behind the botnet’s inactivity. The researcher had developed a killswitch by exploiting a buffer overflow vulnerability in the malware’s installation procedure. He dubbed the killswitch Emocrash. He is not the only one on the defense; an anonymous vigilante has also been fighting the botnet’s nefarious attempts by replacing the payloads with funny memes and GIFs.

Source: Threatpost