Multiple Automotive Manufacturers Infected With Emotet
Telemetry from industrial systems security firm Dragos has spotted the malware command-and-control servers communicating with several automotive manufacturer systems.
A wave of potential pre-ransomware activity has been spotted targeting the manufacturing sector: OT security firm Dragos warned this week of several automotive manufacturers now infected with the infamous Emotet backdoor malware that's commonly used as an initial infection vector to drop ransomware.
Ransomware attackers for some time now have been training their campaigns on manufacturing companies. Dragos said it has identified Emotet command-and-control servers communicating with servers at automotive manufacturing companies. While so far there's been no sign of actual ransomware payloads getting dropped onto the manufacturers — based in North America and Japan — Dragos says the activity appears to be the possible first stage of ransomware attacks.
"These Emotet servers are suspected to be controlled by the Conti ransomware group," Dragos wrote in its blog. The firm said it first spotted the traffic in December of 2021 and that it has continued through March 2022.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024