TOKYO – Emotet, considered the world’s most dangerous malware, has recently returned and infected some computers in Japan after it was earlier taken down by an international law enforcement operation, cybersecurity experts said Thursday.
The experts warned the malware can pose a serious threat to unprotected systems around the world. They suspect there is a group of hackers who inherited knowledge on how to create and operate Emotet from the cybercrime gang that controlled it.
Emotet infiltrated mailboxes of organizations in Japan through about a dozen emails by Nov. 17 and infected some computers via those messages, according to tech security firm Lac Co.
Japan’s Information-technology Promotion Agency also said it has found nine types of malicious files attached to emails.
Emotet, which first appeared in 2014, can steal passwords and install remotely controlled programs by delivering malware through emails disguised as return messages from clients and friends, among others.
Infected computers can launch attacks on other computers through remotely controlled programs.
Emotet has reportedly inflicted tens of billions of yen of damage by infecting over 1.7 million computers around the world. In Japan, it infected computers at various organizations, such as Tokyo Metropolitan University and the Japan Medical Association.
In January, authorities in six European countries as well as Canada and the United States took down the main servers in an operation coordinated by Europol and neutralized Emotet in April. Two individuals were arrested in relation to the case, according to media reports.
Lac said three main servers were taken down in the operation, but the latest emergence of Emotet is being controlled by two other servers.
“It can spread a massive amount of malware files. People need to be aware it is dangerous to open suspicious emails and attachments,” an IPA official said.