Emotet, one of the world’s most dangerous cyber crime services, has been taken down following one of the largest ever internationally-coordinated actions against cyber criminals.

Although it began as banking malware designed to steal financial credentials, Emotet had become an infrastructure tool leased out to cyber criminals to break into victim computer networks and install additional malicious software.

Law enforcement agencies in the UK, North America and Europe had worked for almost two years to map the system’s infrastructure before the National Police of Ukraine raided properties to capture the computers it was being controlled from.

Videos of the raids uploaded by the National Police of Ukraine show the messy environments the computers were being operated from and the range of digital devices, foreign currencies, and even gold bars that were also seized.

The UK’s National Crime Agency (NCA) said the botnet had been used “to infiltrate thousands of companies and millions of computers worldwide”, with Europol – who coordinated the operation alongside Eurojust – described it as “the world’s most dangerous malware”.

Police in the Netherlands, Germany, the US, UK, France, Lithuania, Canada and Ukraine took part in the investigation, with the British NCA leading the financial sleuthing team, tracking “how the criminal network behind the malware was funded, where that funding went, and who was profiteering”.

Although Emotet was first discovered in 2014 as banking malware, it gained a reputation in the cyber crime community as a tool that could be used to open the door for other malwares and ransomware.

“Cyber criminals used Emotet as their first port of call,” said the NCA, explaining how the automated botnet “would send out emails to unsuspecting victims or companies with the malware either embedded in the email as a downloadable link, or included as a word doc attachment.

“When people clicked into the attachments or links, they were prompted to enable content to view the document, but in doing so allowed the malware to install and take hold of their computers.”

Europol said the Emotet infrastructure “involved several hundreds of servers located across the world, all of these having different functionalities in order to manage the computers of the infected victims, to spread to new ones, to serve other criminal groups, and to ultimately make the network more resilient against takedown attempts”.

Law enforcement has taken down the botnet by effectively hijacking it from the inside.

Although they are unable to uninstall the malware from victim’s computers, the infected machines are now being redirected towards infrastructure which the police are controlling – preventing criminals from using them to steal more data or send phishing emails.

The NCA’s analysis identified $10.5m being moved by the Emotet operators over a two-year period on just one virtual currency platform.

They also spotted almost $500,000 had been spent by the group over the same period just to maintain their criminal infrastructure.

Nigel Leary, the deputy director of the NCA’s National Cyber Crime Unit, said: “Emotet was instrumental in some of the worst cyber attacks in recent times.”

He said that it enabled up to 70% of the entire world’s malwares, including many – such as Trickbot and RYUK – which had a “significant economic impact” on businesses in the UK.

None of the police agencies announced arrests for the individuals who operated the infrastructure, although there was a suggestion that those who used it might be identified.

“Working with partners we’ve been able to pinpoint and analyse data linking payment and registration details to criminals who used Emotet,” said Mr Leary.

“This case demonstrates the scale and nature of cyber crime, which facilitates other crimes and can cause huge amounts of damage, both financially and psychologically.

“Using our international reach, the NCA will continue to work with partners to identify and apprehend those responsible for propagating Emotet Malware and profiting from its criminality.”

Masked men have broken into the Moscow flat of detained Vladmir Putin critic Alexei Navalny, according to one of his allies.

Ivan Zhdanov, head of Mr Navalny‘s anti-corruption foundations, said that they broke down the door of his apartment on Wednesday afternoon and searched it.

Mr Zhdanov added that Mr Navalny’s brother, Oleg, was in the apartment at the time.

Please use Chrome browser for a more accessible video player

The staunch critic of the Russian leader was detained in the Russian capital last week after stepping off a flight from Germany, where he was being treated following his poisoning last year.

The apparent raid of Mr Navalny’s flat comes as the UK government revealed it was keeping sanctions on Russia under review, in light of the arrest.

Wendy Morton, a foreign office minister, said in the Commons: “We keep further sanctions designations under constant review.

“However it would not be appropriate to comment at this stage on possible future designations as this could undermine their impact.”

Responding to Ms Morton, Conservative MP Sir Roger Gale, who tabled an urgent question in the Commons, said: “I spoke with the Russian ambassador, he chose to call me this morning, Andrei Kelin, and he made it absolutely clear to me during that call that the Russians regarded Mr Navalny as a prisoner who had broken his bail conditions and therefore would not be released.

“Under those circumstances, I have to say that I still regard this is a gross breach of the Convention on Human Rights and I hope that (Ms Morton) will do everything in her power to underscore that and to make it plain that this conduct is completely unacceptable.”

The UK government has already placed sanctions on six people and one organisation, Ms Morton added.

Tory MP Tom Tugendhat, chair of the Commons Foreign Affairs Select Committee, likened the Russian government to a “gangster elite”, and called for a list of the “ill-gotten gains that President Putin has stolen off the Russian people over the last 20 years”.

Over the weekend, Foreign Secretary Dominic Raab criticised the Russian authorities for their tactics during the pro-Navalny demonstrations, saying he condemned the “use of violence against peaceful protesters and journalists” while calling on its government to “release citizens detained during peaceful demonstrations”.

Please use Chrome browser for a more accessible video player

Since his arrest, Mr Navalny’s team has released a huge video investigation into the construction and alleged slush fund behind what is known as “Putin’s palace”, a £1bn private residence on Russia’s Black Sea coast.

Calling it “Putin’s biggest secret”, Mr Navalny and his team revealed new details about the sprawling complex near the resort town of Gelendzhik which has long been rumoured to belong to the Russian president.

The 737 MAX has been cleared to resume passenger flights in Europe in a boost for Boeing as it revealed a record annual loss for the company of almost $12bn (£8.7bn).

The US plane maker has been locked in crisis mode since the flagship of its fleet of planes was grounded globally in March 2019 following crashes of passenger flights in Indonesia and Ethiopia that left 346 dead.

While the 737 MAX was granted clearance by US regulators late last year to fly again following an overhaul of key safety systems, the green light was given far later than Boeing had expected.

Please use Chrome browser for a more accessible video player

Europe’s aviation watchdog, EASA, confirmed just moments before the company’s annual results were due to be published on Wednesday that the planes had met its own four tests to return to the skies.

They included a full design review and the implementation of a pilot training regime.

EASA executive director Patrick Ky said: “We have every confidence that the aircraft is safe, which is the precondition for giving our approval.

“But we will continue to monitor 737 MAX operations closely as the aircraft resumes service.”

Relatives of those who died in the crashes have condemned regulators for the lifting of their restrictions, arguing they are premature and even “dangerous” given the findings of a US Congressional investigation surrounding Boeing’s behaviour and the original certification of the MAX.

It is a welcome development though for Boeing following a devastating 2020 that saw its planned fightback from the 737 MAX crisis thwarted and sales devastated by the coronavirus pandemic.

The crisis forced the company to hoard completed orders, slash production, cut jobs, agree compensation with airlines for missed deliveries and pay $2.5bn to resolve a US investigation into the MAX accidents.

Now, the challenge facing Boeing is one of an industry battered by COVID-19 seeking to delay orders because of the collapse in demand for travel during much of 2020 and beyond.

The company said it would further delay its 777X aircraft programme at a cost of more than $6bn.

That charge was reflected in the record net loss which, at $11.9bn, was more than double the figure analysts had expected.

Shares were 1% down in pre-market deals.

The market had already been told that total aircraft deliveries were at a 43-year low in 2020 with coronavirus-inspired travel bans also depressing shipments of Boeing’s second most important cash generator currently – the 787 Dreamliner.

Boeing revealed on Wednesday that it burned $18.4bn in cash during the year as it grappled the challenges but said it welcomed commitments from airlines, including Ryanair, for additional 737 MAX orders.

Please use Chrome browser for a more accessible video player

Boeing chief executive Dave Calhoun told staff in a memo: “2020 was a year of profound societal and global disruption, which significantly impacted our industry.

“In the face of these challenges, we made important strides to strengthen our safety processes, rebuild trust, and transform our business to prepare for a robust recovery.”