June 3, 2024 at 10:25AM
Law enforcement authorities are seeking information on an individual known as Odd, suspected to be the mastermind behind the Emotet malware. The cybercriminal has operated under various aliases and may be collaborating with others. Recent efforts have led to arrests and takedowns of servers associated with malware operations, intensifying the fight against cybercrime.
From the meeting notes on Jun 03, 2024, it is evident that the law enforcement authorities behind Operation Endgame are seeking information about an individual known as “Odd,” who is suspected to be the mastermind behind the Emotet malware. Odd is also known by aliases such as Aron, C700, Cbd748, Ivanov Odd, Mors, Morse, and Veron, and it is believed that he may be working with others on malware beyond Emotet. The Emotet threat actors have been tracked under monikers Gold Crestwood, Mealybug, Mummy Spider, and TA542, and the malware has evolved from a banking trojan to a broader-purpose tool capable of delivering various payloads. The operation also led to the takedown of several servers associated with malware loader operations and the identification of cyber criminals involved in SmokeLoader and Trickbot malware operations. Furthermore, there are indications of cyber attacks involving compromised accounts, malicious emails, and the usage of stolen credentials to gain initial access into networks. The criminal actors on underground forums are also on alert, with discussions about the consequences of leaked ransomware logs and suspicions of insider collaboration with law enforcement.