Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Sponsored By
Multiple Automotive Manufacturers Infected With EmotetMultiple Automotive Manufacturers Infected With Emotet
Telemetry from industrial systems security firm Dragos has spotted the malware command-and-control servers communicating with several automotive manufacturer systems.
Dark Reading Staff
March 17, 2022
1 Min Read
A wave of potential pre-ransomware activity has been spotted targeting the manufacturing sector: OT security firm Dragos warned this week of several automotive manufacturers now infected with the infamous Emotet backdoor malware that's commonly used as an initial infection vector to drop ransomware.
Ransomware attackers for some time now have been training their campaigns on manufacturing companies. Dragos said it has identified Emotet command-and-control servers communicating with servers at automotive manufacturing companies. While so far there's been no sign of actual ransomware payloads getting dropped onto the manufacturers — based in North America and Japan — Dragos says the activity appears to be the possible first stage of ransomware attacks.
"These Emotet servers are suspected to be controlled by the Conti ransomware group," Dragos wrote in its blog. The firm said it first spotted the traffic in December of 2021 and that it has continued through March 2022.
About the Author(s)
You May Also Like
More Insights
Webinars
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023What's In Your Cloud?
Nov 30, 2023Everything You Need to Know About DNS Attacks
Nov 30, 2023
