The FBI is Using “Have I Been Pwned” to Alert Emotet Victims

Network of blue platforms in the dark with bots on top botnet cybersecurity concept 3D illustration
Have I Been Pwned lets people see if their email address is leaked online.

The FBI collected over 4.3 million email addressed during a January takedown of the Emotet botnet. The agency recently handed those email addresses to the Have I Been Pwned service to better alert victims. The service, owned and operated by Australian security researcher Troy Hunt, is a trusted breach alert service, underpinning the Mozilla breach-alert notification system. 


Emotet distributed banking trojans, ransomware, and other cyber threats through malspam and phishing campaigns since 2014. The reign of terror came to an end in January when Netherlands law enforcement took control of key domains and servers. The Bundeskriminalamt (BKA) federal police agency in Germany updated over 1.6 million computers infected with the malware to launch a kill switch for the malware. 


Hunt said in a blog that the FBI gave him “email credentials stored by Emotet for sending spam via victims’ email providers” and “web credentials harvested from browsers that stored them to expedite subsequent logins.” 


The credentials were loaded into the Have I Been Pwned database as a single breach, even though it isn’t the typical kind of breach reported by the service. Have I Been Pwned currently lists over 11 billion “pwned” accounts from data breaches across the past decade, including a 2012 breach of MySpace and LinkedIn. The website also has a credential stuffing list of common passwords used to hack into accounts. 


Hunt tagged the breach as “sensitive,” meaning that the addresses can’t be searched publicly. 


“I’ve taken this approach to avoid anyone being targeted as a result of their inclusion in Emotet,” Hunt explains. “All impacted HIBP subscribers have been sent notifications already.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post
Raleigh, NC/United States- 10/03/2018: Amazon packages at the front door of a residence.

Amazon Allows In-Garage Delivery on Grocery Deliveries 

Next Post
Police cars at night. Police car chasing a car at night with fog background. 911 Emergency response police car speeding to scene of crime. Selective focus

Hackers Threaten to Expose Police Informants

Related Posts