Europol's Hunt Begins for Emotet Malware Mastermind

International law enforcement Operation Endgame shifts its crackdown to focus on individual adversaries.

Dark Reading Staff, Dark Reading

June 3, 2024


After a spectacular botnet takedown just a few days ago, Operation Endgame, an international cybersecurity law enforcement cooperative, has now trained its focus on the individual threat actors behind the botnets.

Late last month, in a sweeping action, Operation Endgame dismantled dropper botnet infrastructure that supported initial-access Trojan malware strains, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot.

Eight Russian nationals have been added to the list of Europe's most wanted fugitives for their roles in developing the botnets, including Smokeloader and, most notably, TrickBot. The alleged cybercriminals are named and their photos have been shared among global law enforcement agencies.

Not yet identified, and of keen interest to cyber law enforcement, is the developer behind the once formidable Emotet malware-as-a-service, who has been code-named "Odd."

The Odd threat actor has gone by various online handles, according to Operation Endgame, and has been able to evade law enforcement since Emotet's 2021 takedown and one subsequent failed attempt to reemerge.

"Who is Odd?" asks Operation Endgame's video calling for information about the hacker, which appeals to viewers: "Please get in touch with us and let us know."

Operation Endgame, led by Europol, is focused on letting adversaries know they are being tracked and that they should consider switching sides.

"We have been investigating you and your criminal undertakings for a long time and we will not stop here," Operation Endgame's site warns cybercriminals. "Feel free to get in touch, you might need us. Surely, we could both benefit from an openhearted dialogue."

Operation Endgame's refrain, "Think about (y)our next move," reinforces the crackdown pledge.
