Attacks using the Emotet malware have been particularly frequent lately and are not going to stop any time soon. The gang behind it is very active and is constantly finding new ways to infect its victims. One of the hallmarks of Emotet infections is that they are the first stage of a larger attack. Often, hacking groups use Emotet-infected devices to deploy other malware or ransomware.
The "HP-Bromium Threat Insights Report, October 2020" reports an increase of 1,200% in Emotet attack detections from July to September, compared to the previous quarter, when attacks were limited.
Since its inception in 2018, Emotet has been used in many hacking campaigns. From time to time it goes quiet for a short period and then returns. Experts believe that this will continue until 2021.
Emotet usually gains access to networks through phishing emails. The hackers make the emails look convincing and credible and attach malicious documents. If users open these documents, they are asked (in most cases) to "enable editing". Doing so activates malicious macros and infects their computers with Emotet.
Attacks and malicious attachments are tailored to the victim's location. The hackers send messages written in English, French, German, Greek, Hindi, Italian, Japanese, Spanish and Vietnamese and refer to topics that may be of interest to victims.
Emotet started as a banking trojan, but soon began to be used for mass attacks, creating backdoors on networks that the hackers may sell to other malware operators (as a gateway for their own malicious campaigns). Emotet infections are often the first stage of a ransomware attack.
The hackers behind Emotet often advertise their work on hacking forums. They provide data (size, revenue, etc.) on compromised organizations to attract ransomware gangs and other hacking groups.
Ransomware operators use Emotet more and more often, since it gives them access to compromised systems and increases the chances of a successful attack that can bring them large rewards (ransom). As Emotet attacks increase this time around, ransomware gangs can target even more compromised systems and make a lot of money.
To protect against Emotet and other similar attacks, organizations should take security measures, such as implementing email filtering services, to reduce the chances of successful malicious attachment delivery. In addition, all systems should receive the latest security updates to correct known vulnerabilities that could be exploited by cybercriminals.