France, Japan, and New Zealand warn of a sudden spike with Emotet malware that steals login credentials from various browsers, email clients, and applications.
The malware was first observed in mid-2014 as a banking Trojan, later it upgrades as an advanced, self-propagating, and modular Trojan. It can be used to install other malware such as Trickbot and QBot onto a system.
Sudden Spike with Emotet
The malware is distributed through malicious email attachments or links to download the documents that appear like genuine invoices, financial documents, shipping information, resumes, scanned documents, or information on COVID-19.
JPCERT/CC observed a rapid increase in the number of domestic domain (.jp) email addresses that are abused and used to distribute the Emotet malware.
The main method of Emotet infection is attachments or emails with links in the body when the attachment gets executed it downloads the file from the link and users are recommended to activate the macro.
The malware steals account credentials, subject, and body data of emails from the infected and can use the stolen data to deliver spam emails.
According to JPCERT, the Emotet spam waves tripled last week and the infection rate is kept on increasing.
The Emotet is one of the most dangerous malware and it is capable of delivering payloads based on the specific tasks. It’s warm like capability helps to spread rapidly with other connected computers.
It is primarily distributed through social engineering techniques such as the emails with the links to download the malware.