Emotet Malware Attacks – Why Are They So Successful?

Over the past week, global cybersecurity agencies have published security alerts warning about a large uptick in Emotet malware attacks targeting their respective countries.

The recent Emotet activity includes email spam campaigns originating from their own infrastructure, targeting companies and government agencies. Targeted organisations that received the emails and opened the attachments were at risk of being infected with the dangerous malware.

Experts Comments

September 18, 2020
Tom Bonner
Distinguished Threat Researcher
BlackBerry
The recent rise of the infamous Emotet malware attacks comes as no surprise, as BlackBerry’s Research and Intelligence team actively tracks the Emotet botnets called Epoch 1, Epoch 2 and Epoch 3. These botnets operate as a sophisticated malware delivery platform that is frequently updated to evolve and stay ahead of new security metrics and blockers built to fight it. As of late, the botnets were observed distributing banking trojans named Qbot and Trickbot, as well as additional tooling, including credential stealers, WiFi brute-force malware, and spam. They also ran network propagation modules that cyberattackers can leverage to perform lateral movements once they hack into and have access within an organisation’s network post-infection. This strain of malware continues to be successful because Emotet has a good infrastructure for malicious activity. There are two things that make Emotet so stable: it is modularised to enhance its function, so consequently can conduct a wide range of malicious activity based on the attacker’s command. Secondly, the developer of Emotet maintains the code well and it is continuously updated.