France, Japan, and New Zealand warn of a sudden spike with Emotet malware that steals login credentials from various browsers, email clients, and applications.
The malware was first observed in mid-2014 as a banking Trojan, later it upgrades as an advanced, self-propagating, and modular Trojan. It can be used to install other malware such as Trickbot and QBot onto a system.
Authorities from France, Japan, and New Zealand observed a sudden spike with the Emotete malware infection targeting several companies and administrations.
The malware is distributed through malicious email attachments or links to download the documents that appear like genuine invoices, financial documents, shipping information, resumes, scanned documents, or information on COVID-19.
JPCERT/CC observed a rapid increase in the number of domestic domain (.jp) email addresses that are abused and used to distribute the Emotet malware.
The main method of Emotet infection is attachments or emails with links in the body when the attachment gets executed it downloads the file from the link and users are recommended to activate the macro.
The malware steals account credentials, subject, and body data of emails from the infected and can use the stolen data to deliver spam emails.
According to JPCERT, the Emotet spam waves tripled last week and the infection rate is kept on increasing.
The Emotet is one of the most dangerous malware and it is capable of delivering payloads based on the specific tasks. It’s warm like capability helps to spread rapidly with other connected computers.
It is primarily distributed through social engineering techniques such as the emails with the links to download the malware.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
Also Read
EmoCrash – Researchers Exploited a Bug in Emotet Malware to Stop its Distribution
New Wave of Emotet Malware Hacks Wi-Fi Networks to Attack New Victims
Through the use of XLoader and impersonating SharePoint notifications, researchers were able to identify a…
Researchers have identified a rise in malicious activity on the VSCode Marketplace, highlighting the vulnerability…
TA397, also known as Bitter, targeted a Turkish defense organization with a spearphishing email containing…
BADBOX is a cybercriminal operation infecting Android devices like TV boxes and smartphones with malware…
Europol has published a groundbreaking report titled "Leveraging Legitimacy: How the EU’s Most Threatening Criminal Networks…
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a proposed update to the National…