The infamous Emotet trojan has returned to the top of the malware charts, having been "refreshed" and evolved to be more difficult to detect. Check Point's Global Threat Index for December 2020 revealed that the malware variant rose to first place, from fifth place in November.
Emotet now accounts for 7% of malware infections worldwide, after a spam campaign that targeted more than 100,000 users a day during the holiday season. Emotet is followed by the Trickbot trojan and the infostealer "Formbook", which represent 4% of the total infections recorded during this period.
Specifically, Check Point reported the following: "Emotet has now been updated with new malware payloads and improved abilities to avoid detection: the latest version creates a dialog box, which helps it avoid being detected by users. The new malware campaign uses various techniques to spread Emotet, including embedded links, attachments, or password-protected Zip files."
It is noteworthy that many ransomware gangs use Emotet and Trickbot in combination in their "operations", aiming to gain a foothold in the networks of their potential victims. Then the hackers can choose which victims to target with "hands-on-keyboard" attacks.
A new report detailing the activities of the Ryuk ransomware variant suggested one of the best ways for organizations to mitigate the threat and prevent potential infection from various malware such as Emotet.
The focus should be on securing e-mail with anti-phishing capabilities, but also on improved end-user awareness training, although defense in depth is always preferred, including two-factor authentication (2FA) and immediate patching to further reduce the attack surface.
Maya Horowitz, director of threat and product research at Check Point, said of Emotet: "Emotet was originally developed as banking malware, which was hidden in users' computers to steal personal and sensitive information. However, it has evolved over time and is now considered one of the most costly and destructive variants of malware. It is therefore imperative that organizations be aware of the threat posed by Emotet and have strong security systems in place to prevent a significant breach of their data. They should also provide comprehensive training to their employees so that they can detect the types of malicious emails that Emotet is spreading."