2021 has already proven to be a busy year for law enforcement, with operations taking down numerous high-profile dark web marketplaces and forums including Dark Market (500k users, 2.4k sellers, transactions ~ €140 million), Emotet, Netwalker, and Egregor, and some even producing arrests of site operators. Digital Shadows’ new report, “Cybercriminal law enforcement crackdowns in 2021,” highlights the impact that these takedowns have had to date.
The report focuses, in part, on Emotet, the ransomware group which saw several members arrested earlier this year and has been offline since February. Digital Shadows attributes the lasting takedown to a combination of technical and organizational disruption. Law enforcement officials (LEOs) targeted Emotet’s infrastructure from the inside, redirecting traffic to LEO-controlled infrastructure that enabled a mass uninstall, wiping out the entire botnet almost immediately. They combined this effort with the arrests of several key technical operators involved with the group. Emotet has since been offline for almost a month; Trickbot, by comparison, involved no arrests and recovered from a technical attack with minimal delay.