The malware known as Emotet has emerged as “one of the most prevalent ongoing threats”, as it increasingly targets state and local governments and infects them with other malware, according to the cybersecurity arm of the Department of Homeland Security. Emotet was first identified in 2014 as a relatively simple trojan for stealing banking account credentials. Within a year or two, it had reinvented itself as a formidable downloader or dropper that, after infecting a PC, installed other malware – such as the Trickbot banking trojan and the Ryuk ransomware. Over the past month, Emotet has successfully burrowed into Quebec’s Department of Justice and increased its onslaught on governments in France, Japan, and New Zealand. It has also targeted the Democratic National Committee. Emotet has a number of troubling features, including the ability to spread to nearby Wi-Fi networks, worm-like features that steal administrative passwords, and email thread hijacking.
Whilst usually hard to detect, the Emotet malware has notably been frustrated by ESET protection, even leading Emotet writers to drop comments into their code in irritation.