Malware distribution network Emotet has been hacked by a potential threat actor of unknown origin, substituting malware for humorous GIFs. As a result, instead of being hit with malware, users who click on malicious links from Emotet spam have been seeing images of James Franco and others such as “Hackerman” from the 2015 film “Kung Fury.” Members of “Cryptolaemus,” an informal group of security researchers who track Emotet, noted on Twitter last Friday that Emotet activity had suddenly declined and that the “Hackerman” GIF was loading instead of malware in around 25% of the cases. While this may seem a benign prank, it does raise concerns that the large-scale distribution of Emotet could be intercepted and replaced with payloads that are less detectable in the future.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.