08-15-2020 , 10:50 PM
https://blog.malwarebytes.com/trojans/20...s-returned
It’s baaaack: Public cyber enemy Emotet has returned
Posted: July 17, 2020 by Threat Intelligence Team
Last updated: August 4, 2020
It was never a question of “if” but “when”. After five months of absence, the dreaded Emotet has returned. Following several false alarms over the last few weeks, a spam campaign was first spotted on July 13 showing signs of a likely comeback.
The Emotet botnets started pushing malspam actively on Friday, July 17, using the same techniques as employed in its last wave of activity. Malicious emails contain either a URL or an attachment that, once clicked on or opened, launches the Emotet payload. One familiar technique is for the document to be sent as a reply within existing email threads.

Emotet has returned with new tricks
Emotet was by far the most visible and active threat on our radars in 2018 and 2019—right up until the start of 2020, when it went into an extended break. One of the reasons it was (and is) so successful is its constant evolution in attack techniques and threat partnerships.
For example, according to Bleeping Computer, Emotet now uses stolen email attachments to add credibility to the spam it generates to infect targeted systems. This is in addition to the aforementioned technique of hijacking email threads—a social engineering strategy employed to increase the likelihood of infection.