On April 25th, law enforcement officials in the Netherlands delivered an Emotet update that removed the malware from all infected computers. The update was made possible after law enforcement agencies from across eight countries orchestrated a coordinated takedown in January to seize servers and arrest individuals behind Emotet, considered by many to be today’s largest malware botnet.
<p>While this action seems helpful at first glance, as an industry we should prepare for any potential public fallout or additional complications that result from law enforcement organizations seeking to mend impacted code inside of private company devices. </p> <p> </p> <p>This is a tricky issue because good intentions may lead to unintended consequences. For this type of approach to be successful over time, it will be important to have as many eyes as possible on these updates and, if possible, the law enforcement agencies involved should release these updates to the open internet so analysts can make sure nothing unwanted is being slipped in. That all said, we view this specific instance as a unique situation and encourage our industry partners to view this as an isolated event that required a special solution and not as an opportunity to set policy moving forward.</p>