The Emotet malware is one of the most common malware families, and the criminals who use it exploit current events to deceive users into downloading it to their computers. For example, hackers took advantage of the Halloween celebrations and sent spam emails that were supposed to be invitations to a Halloween party.
Emotet is spread mainly through emails that contain malicious Word documents (with malicious macros). If victims open the documents, they are prompted to enable macros, which download the Emotet malware to the computer.
Once installed, Emotet will use the computer to send other spam messages but also to install other malware such as ransomware. Emotet malware is often the first step in a ransomware attack.
Halloween party invitation
The gang behind Emotet created an email that invited the recipients to a Halloween party. The email contained a malicious attachment.
The experts noticed that the subject and the text of the email varied; in all cases, however, it was an invitation to a Halloween party. All the "details" were in the malicious attachment.
One of the emails received by the victims said the following:
“If you are coming it would be good!
Details in the attachment.”
According to FireEye, the different names used for the malicious Word attachments included:
- Inviting friends to your Halloween Extravaganza.doc
- Hallοween party invitation.doc
- Halloween Pot Luck 10.31.doc
- Halloween party.doc
If a user opened the attachment, they would see the standard "Enable Editing" and "Enable Content" buttons which, when pressed, install the Emotet Trojan on the computer. We hope you did not fall into the trap. You should never enable editing when you receive a document from an unknown sender.