The Justice Department today announced its participation in a multinational operation involving actions in the United States, Canada, France, Germany, the Netherlands, and the United Kingdom to disrupt and take down the infrastructure of the malware and botnet known as Emotet. Additionally, officials in Lithuania, Sweden, and Ukraine assisted in this major cyber investigative action.

“The Emotet malware and botnet infected hundreds of thousands of computers throughout the United States, including our critical infrastructure, and caused millions of dollars in damage to victims worldwide,” said Acting Deputy Attorney General John Carlin. “Cyber criminals will not escape justice regardless of where they operate. Working with public and private partners around the world we will relentlessly pursue them while using the full arsenal of tools at our disposal to disrupt their threats and prosecute those responsible.”

According to an unsealed search warrant affidavit, Emotet is a family of malware that targets critical industries worldwide, including banking, e‑commerce, healthcare, academia, government, and technology. Emotet malware primarily infects victim computers through spam email messages containing malicious attachments or hyperlinks. Emails were designed to appear to come from a legitimate source or someone in the recipient’s contact list. Once it has infected a victim computer, Emotet can deliver additional malware to the infected computer, such as ransomware or malware that steals financial credentials. Ransomware, in particular, has increased in scope and severity in the past year, harming businesses, healthcare providers, and government agencies even as the country has struggled to respond to the pandemic.

Read more: Department of Justice