Multiple Automotive Manufacturers Infected With EmotetMultiple Automotive Manufacturers Infected With Emotet
Telemetry from industrial systems security firm Dragos has spotted the malware command-and-control servers communicating with several automotive manufacturer systems.
March 17, 2022
A wave of potential pre-ransomware activity has been spotted targeting the manufacturing sector: OT security firm Dragos warned this week of several automotive manufacturers now infected with the infamous Emotet backdoor malware that's commonly used as an initial infection vector to drop ransomware.
Ransomware attackers for some time now have been training their campaigns on manufacturing companies. Dragos said it has identified Emotet command-and-control servers communicating with servers at automotive manufacturing companies. While so far there's been no sign of actual ransomware payloads getting dropped onto the manufacturers — based in North America and Japan — Dragos says the activity appears to be the possible first stage of ransomware attacks.
"These Emotet servers are suspected to be controlled by the Conti ransomware group," Dragos wrote in its blog. The firm said it first spotted the traffic in December of 2021 and that it has continued through March 2022.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Defending Corporate Executives and VIPs from Cyberattacks
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report
2021 Gartner Market Guide for Managed Detection and Response Report