One of the largest botnets on the planet, if not the largest, was dismantled a few days ago by police and judicial authorities from different countries. Emotet, described as "the most dangerous malware in the world", was neutralized thanks to the seizure of its infrastructure.
Emotet, as we have told on several occasions, has acted in very different ways. Among them, spreading via email by, for example, controlling victims' accounts by sending messages on their behalf with infected attachments.
The Have I Been Emotet website allows you to check if your email has been used in attacks by Emotet, one of the most famous and prolific botnets on the planet.
To check if our email addresses or domains have been used by this botnet or have been the target of malicious messages, the Have I Been Emotet website has been created.
Have I Been Emotet, searching Emotet 's malspam database
Those responsible for this portal have been professionals from the Italian cybersecurity company TG Soft. What they have done has been to enable a search engine on this web page that allows you to enter an email address or a domain and know if you have been involved in any of the Emotet attacks.
The used database of this malware that started in 2014 as a banking Trojan is regularly updated and, at the time of writing, it was last updated on January 25. Recently, by the way, Emotet was sabotaged by a hacker.
The tool, if it finds our domain or email address, tells us if it has been used to send emails, if it has been spoofed or if it has been the victim of an attack
To give us an idea, when the tool appeared, this database only contemplated the shares of Emotet between the months of August and September 2020. A period that may seem short, but in which around 2.1 million email addresses and some 700,000 outgoing emails.
Using Have I Been Emotet is as simple as using the star tool of this type, I Have Been Pwned: we enter the email or domain that we want to find and click on the Check button. If our domain or address has been used, the web will tell us if it has been used to send emails directly, with SENDER REAL; if it has not been used directly, but it has been supplanted, with SENDER FAKE; or if it has been a recipient, with RECIPIENT.
0 Comments