Connect with us

Hi, what are you looking for?

Tech & Science

Cyber-warning: Signs are that Emotet will return

We are seeing Emotet resurface at the busiest time of the year.

A man uses a laptop at a coffee shop in downtown Hanoi. - AFP
A man uses a laptop at a coffee shop in downtown Hanoi. - AFP

Recently there have been reports from security researchers that Emotet has resurfaced following a high-profile law enforcement disruption earlier this year (the kill switch was flipped for the malicious code in April 2021, as reported by Digital Journal at the time).

Emotet belongs to the malware strain known as banking Trojans and it is thought to have originated from within the Ukraine. Emotet was used as a springboard for a number of cybercriminal groups and attack techniques. It operated as a so-called botnet (a number of Internet-connected devices, each of which is running one or more bots). In this case, this was in the form of software that infects a network of computers and allows them to be remotely controlled.

According to GData: “In November 2021 we observed on several of our Trickbot trackers that the bot tried to download a DLL to the system. According to internal processing, these DLLs have been identified as Emotet….Currently, we have high confidence that the samples indeed seem to be a re-incarnation of the infamous Emotet.”

Looking at the issue for Digital Journal is Dr Süleyman Özarslan, co-founder of Picus Security, a company that specialises in simulating the attacks of cyber-criminal gangs.

Alluding to the forthcoming Holidays, Özarslan says: “Emotet’s reappearance is like seeing the ghost of Christmas past.”

In spelling out the essential risks, Özarslan explains: “Cybercriminals regularly take advantage of increased online activity during the holiday season to improve their malware distribution rate. It’s why it’s no surprise to see Emotet resurface at the busiest time of the year.”

Moving onto the specific attack mode, Özarslan reminds business users as to the core risks: “

“Phishing has always been the primary method used to distribute Emotet and in 2018 festive emails were used as a lure to trick victim’s into successfully downloading malicious Word documents disguised as Christmas cards. These Word documents contained malicious macros that downloaded banking malware.”

Initial infection of target systems often proceeds through a macro virus in an email attachment.

The same process of phishing is likely to reoccur and become the main attack vector. Özarslan warns: “Users should be vigilant of similar tactics being used again and exercise caution when clicking unknown links and attachments.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Business

Screen-grab from video showing Syrah Resources Balama Graphite Project in Mozambique. Source - Syrah Resources Tesla is turning to Mozambique for a key component...

Business

Oil prices surge to 7-year high with geopolitical tensions in focus after an attack on an Abu Dhabi oil facility. Source - Flcelloguy at...

Life

Protesters take part in the Women's March and Rally for Abortion Justice at the State Capitol in Austin, Texas on October 2, 2021 -...

World

The United States on Tuesday upped its threat assessment of a potentially imminent Russian attack against Ukraine.