Home > Malware & Viruses > FBI Gave Emotet’s 4.3 Million Email Addresses To Have I Been Pwned

FBI Gave Emotet’s 4.3 Million Email Addresses To Have I Been Pwned

April 28, 2021
CIM Team

The FBI has handed over 4.3+ million email addresses that were harvested by the Emotet botnet to the Have I Been Pwned (HIBP) data breach service. Anyone can use this service to see if their private information – email addresses, in this case – have been harvested by the botnet.

HIPB has been created by an Australian security researcher Troy Hunt is and become a trusted breach alert service that provides data to Mozilla’s Firefox own breach alerts.

Emotet is a notorious botnet that Europol called the world’s most dangerous botnet that since 2014, has been responsible for distributing ransomware, banking trojans, and other malware in a big number of phishing campaigns and spam.

The FBI collected the email addresses from Emotet’s servers in a seizure of attackers’ computers in January. The Emotet malware botnet was taken down by law enforcement in the US, Canada, and Europe in a smart self-destruction campaign we described earlier.

In January, law enforcement in the Netherlands and Germany’s law enforcement took over attackers’ key domains and seized their servers. After which, they pushed an update to about 1.6 million computers infected with Emotet that contained a kill switch that uninstalled the malware on April 25 from all impacted machines.

Hunt said in a blogpost that the FBI handed him over “email credentials stored by Emotet for sending spam via victims’ mail providers.” In addition, the police gave him “web credentials harvested from browsers that stored them to expedite subsequent logins.” The data have been uploaded into HIPB as a single “breach.” Even though it’s not the typical data breach for which the site collects credentials and email addresses, Hunt accepted the offer to help internet users protect themselves.

If individuals or organizations find their details on HIPB, Hunt suggests they:

Keep their security tools like antiviruses up to date.
Change email passwords and security questions for any accounts they may have stored in either inbox or browser.
For administrators, read the YARA rules by DFN Cert.

About the author

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others

FBI Gave Emotet’s 4.3 Million Email Addresses To Have I Been Pwned

About the author

CIM Team

Share:

Related ARTICLES

CaTEGORIES

Quick Nav

FBI Gave Emotet’s 4.3 Million Email Addresses To Have I Been Pwned

About the author

CIM Team

Share:

Related ARTICLES

Weekly Cyber Threat Report, May 22-26, 2023

Devastating DDoS Attacks Launched Against Gaming Industry by Dark Frost Botnet

Israeli Logistics Sector Attacked by Iranian Tortoiseshell Hackers

GoldenJackal: New Threat Gang Attacking South Asian And Middle Eastern Governments

CaTEGORIES

Quick Nav