Connect with us

Hi, what are you looking for?

HEADLINES

Emotet’s return is the canary in the coal mine – Sophos

The sudden disappearance of the malware gave rise to a lot of rumors that the creators had been arrested, or contracted COVID-19, or simply had retired and planned to live the good life on the Black Sea coast. But these theories were squashed on July 17th, when Sophos saw a new wave of Emotet attacks swing back into action.

Photo by Taskin Ashiq from Unsplash.com

Sophos, a global player in next-generation cybersecurity, discovered that Emotet, the ubiquitous botnet that arrives in the guise of any of a thousand different bogus email messages, never really went away when it suddenly stopped appearing in internal records and feeds of spam emails in February.

The sudden disappearance of the malware gave rise to a lot of rumors that the creators had been arrested, or contracted COVID-19, or simply had retired and planned to live the good life on the Black Sea coast. But these theories were squashed on July 17th, when Sophos saw a new wave of Emotet attacks swing back into action.

“We’ve talked a lot about Emotet in the past, including showing its malware ecosystem, and providing a series of deep-dive 101s, not forgetting showing the authors venting their frustration at Sophos. But then in February 2020, Emotet ceased production – its botnets stopped activity, and the waves of spam campaigns went silent. This isn’t the first time it’s vanished off the radar, only to rise again months later – and that’s exactly what we saw again last Friday,” said Richard Cohen, Senior threat researcher and manager of the Abingdon, UK detection team.

Unfortunately, Emotet is not merely a tool for thievery, but the botnet acts as a delivery mechanism for other malware, walking it through the firewall over the encrypted channels it creates, bypassing network-based defenses.

Advertisement. Scroll to continue reading.

As a result, Sophos investigated many cases in which a large-scale ransomware infection began as the result of this simple but effective Trojan lying undetected for a period of time, before the infected computer was used as a staging area for a larger attack against the company or organization on whose network it insinuated itself.

The Emotet gang has not changed their same, fundamental playbook they’ve followed for years. If you receive an email from an unknown source, or unexpectedly from a known source, with a Microsoft Office file attached, be extremely careful about opening it. In a related vein, if you receive an email that tells you to download such a file attachment in order to receive some sort of invoice or statement, be extremely suspicious.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

GCash, a financial super app and cashless ecosystem, reaffirmed its commitment to trust, security, and collaboration with customers, stakeholders, and law enforcement to ensure...

HEADLINES

Senator Mark Villar recently filed a resolution seeking a senate inquiry on the trade of International Mobile Subscriber Identity (IMSI) catchers, which allow fraudsters...

HEADLINES

Under the DSA, Globe and GoTyme may share with digital bank GoTyme information about mobile numbers potentially used by fraudsters, including names, addresses, and...

HEADLINES

In 2024, Converge blocked a record 183 billion entry attempts to  683,000 URLs / domains it has registered in its system as illegal sites....

HEADLINES

HP threat researchers observed large campaigns spreading VIP Keylogger and 0bj3ctivityStealer malware that leverage the same techniques and loaders, suggesting the use of malware...

HEADLINES

Task scammers often impersonate representatives of notable brands such as Shopee Mall or Shopee’s HR Recruitment Team, luring victims with fake part-time or full-time...

HEADLINES

Palo Alto Networks predicts that 2025 is the year deepfakes go mainstream in Asia Pacific. If high-profile individuals can fall victim to identity fraud, children...

HEADLINES

Data privacy is more critical than ever, especially when social media platforms, AI chatbots and connected devices have increased publicly available digital footprints. This...

Advertisement