The creator of the Have I Been Pwned data breach alert website is once again urging Internet users to check his site to see if their data has been caught up in yet another high-profile security incident — the incident, this time, being a botnet called Emotet, which the European Union’s law enforcement arm has described as “the world’s most dangerous malware.”
What happened: Emotet has been rampaging all over the Internet since 2014, but it was finally taken down by a joint law enforcement effort earlier this year between the US, Canada, and Europe. The botnet had ended up harvesting a few million email addresses, and the FBI thought the best way to let those people know about the issue was to give the 4.3 million addresses to Have I Been Pwned creator Troy Hunt’s service, which is regarded as a gold-standard resource for checking to see if your data has potentially been compromised or is in danger of being compromised thanks to the litany of leaks, stolen credentials, hacks, data breaches and the like that now occur on a pretty regular basis.
“This strain of malware dates back as far as 2014, and it became a gateway into infected machines for other strains of malware ranging from banking Trojans to credential-stealers to ransomware,” Hunt wrote in a blog post on his site. Emotet was extremely destructive and wreaked havoc across the globe before eventually being brought to a halt in February.”
Hunt says the 4.3 million email addresses that law enforcement agencies provided actually came from two data sets. One included email credentials stored by Emotet for sending spam via victims’ mail providers, while the other included web credentials harvested from browsers that stored them to expedite subsequent logins. The stolen email addresses, he adds, also span a wide range of countries and domains.
In addition to checking Have I Been Pwned to see if your email address is listed among the harvested accounts, Hunt says that these common-sense best practices are some of the steps you should take going forward to keep your data safe.
- Keep your security software including anything you use for antivirus protection up to date.
- And change your email password. It’s also a good idea to change your password and any security questions for accounts that are stored in either your inbox or internet browser, especially those passwords tied to high-value services like your bank account. Regularly changing your passwords is always a good idea.
“In addition,” Hunt continues, “all the old security best practices are obviously still important whether you find yourself in this incident or not. Use a password manager and create strong, unique passwords. Turn on 2-factor authentication wherever available. Keep operating systems and software patched.”