Items tagged with emotet

This month, the Emotet botnet is going trick or treat, and it is only occupied with tricking. Previously, the malware spread by utilizing spam campaigns with Word or Excel files, but the botnet is back after a short hiatus. It is now using email “spam campaigns pretend to be invoices, shipping information, COVID-19 information, information about President Trump's health, resumes, or purchase orders, as shown below.” These emails contain malicious Word documents that load up scripts and ruin your day. BleepingComputer reports that “With its return to activity, Emotet switched to a new template that pretends to be a message from Windows Update stating that Microsoft Word needs...
The sheer number of malware campaigns operating online targeting users, in an attempt to steal information or extort money, is staggering. One of the recently revived botnets targeting users is called Emotet, which typically loads various types of malware and spreads via Wi-Fi networks. A vigilante hacker, however, has now stepped in to replace the nefarious payloads sent by these botnets with glorious animated GIFs. The identity of the vigilante hacker or hackers is unknown, but their actions are essentially preventing victims from being compromised by malware. The sabotage of the Emotet botnet is reportedly severely impacting a large portion of Emotet's operation. Currently, about 25% of all...
A new trojan has been spotted that is called Emotet. The trojan is described as highly sophisticated and it serves as a loader for other malware or ransomware once installed on a system. The key function of Emotet is that it can deliver custom modules or plugins that are designed for specific tasks. Those tasks include things like stealing Outlook contacts or spreading over a LAN. Recently, Binary Defense discovered a new loader type that takes advantage of the wlanAPI interface to enumerate all WiFi networks in the area. It will then attempt to spread to those networks and infect all the devices it can as it spreads. The protocol for the trojan is based on Google's Protobufs to serialize data...