Emotet Makes a Comeback
The popular Trojan has re-emerged on the scene several months after the botnet infrastructure behind it was disrupted by law enforcement.
November 16, 2021
The once-pervasive malware tool Emotet has risen from the ashes months after international law enforcement agencies coordinated a takedown of its botnet infrastructure.
Multiple security vendor research teams have spotted the Trojan in the wild, and it appears to be reconstructing its infrastructure with the help of the TrickBot botnet, which is helping transport the malware. Emotet had long been a key weapon in ransomware and data-theft cybercrime, and experts predicted that while it might have been down, it wasn't out.
Emotet still comes via rigged Office or zip files, often with other malware that establishes the command-and-control conduit to the attacker.
"Emotet is currently being distributed via TrickBot, which we associate with the eCrime adversary group: WIZARD SPIDER. As we suspected, the dismantling of the Emotet network by Europol in January 2021 only had a temporary effect," Adam Meyers, senior vice president of CrowdStrike, said in a statement. "WIZARD SPIDER is a sophisticated eCrime group whose arsenal also includes malware such as Ryuk, Conti, and Cobalt Strike. The takeover of Emotet by WIZARD SPIDER impressively shows how resilient the eCrime milieu has become by now."