Friday, January 15, 17:59

The US is drawing attention to the increase in Emotet attacks

The Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security has issued a warning about the huge increase in activity by the gang behind Emotet.

Historically, Emotet botnet spam has been linked to the spread of banking trojans, but these days the botnet spreads malware spam and then sells access to infected computers to any criminal group, including ransomware operators.


Microsoft, Italy and the Netherlands warned last month of a sharp rise in malware activity by the Emotet gang, a few weeks after France, Japan and New Zealand issued their own Emotet notices.

Emotet was quiet after February, but returned strongly in July. CISA describes Emotet as an "advanced trojan that usually works as a downloader or dropper of other malicious programs" and "one of the most widespread ongoing threats".

CISA's assessment is understandable given that Emotet is currently considered the largest malware botnet in the world.

Since August, CISA and MS-ISAC have observed attackers targeting state and local governments with Emotet phishing emails.

Emotet spreads with worm-like features via phishing email attachments or links that load a phishing attachment. Once opened, Emotet works to spread across a network by guessing admin credentials and using them to let the intruder move laterally through the network.

CISA reports that since July, its intrusion detection system for federal, civilian executive branch networks has detected approximately 16,000 alerts related to Emotet activity.

In September, Microsoft noticed that the Emotet gang was also using password-protected ZIP attachments in emails.
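A mail filter can flag such attachments without knowing the password, because the ZIP format marks each encrypted entry with bit 0 of its general-purpose flag. The following is an added example, not code from CISA, Microsoft or the original article; the function names and the constructed sample message are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ENCRYPTED_FLAG = 0x1  # bit 0 of the ZIP general-purpose flag: entry is encrypted

def encrypted_zip_entries(data: bytes) -> list[str]:
    """Return the names of encrypted entries in a ZIP, or [] if none / not a ZIP."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED_FLAG]
    except zipfile.BadZipFile:
        return []

def scan_message(raw: bytes) -> dict[str, list[str]]:
    """Map attachment filename -> encrypted entry names for one raw email message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        # Trust the magic bytes, not the filename or the declared MIME type.
        if payload.startswith(b"PK\x03\x04"):
            hits = encrypted_zip_entries(payload)
            if hits:
                findings[part.get_filename() or "<unnamed>"] = hits
    return findings

def sample_message(encrypted: bool) -> bytes:
    """Constructed test input (assumption): a mail carrying one ZIP attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.doc", b"constructed placeholder content")
    data = bytearray(buf.getvalue())
    if encrypted:
        # zipfile cannot write encrypted archives, so set the flag bit by hand in
        # the local file header (offset 6) and the central directory entry (offset 8).
        data[6] |= ENCRYPTED_FLAG
        cd = data.find(b"PK\x01\x02")
        data[cd + 8] |= ENCRYPTED_FLAG
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "RE: invoice"
    msg.set_content("Constructed test body.")
    msg.add_attachment(bytes(data), maintype="application", subtype="zip", filename="doc.zip")
    return msg.as_bytes()
```

A hit means the archive's contents cannot be scanned at the gateway, so the message is a candidate for quarantine or manual review rather than proof of Emotet.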

Another clever trick currently used by the Emotet gang is email thread hijacking. The Emotet gang takes an existing email chain from an infected host and replies to the thread, attaching an additional malicious document.

Teo Ehc