Return Of Emotet In New 2020 Campaign – Expert On Research

Researchers at cybersecurity firm Proofpoint have observed that the prolific botnet Emotet has returned to the email threat landscape after a hiatus at the end of 2019. The Trojan-turned-botnet is being distributed by threat group TA542, using attachments and malicious links containing the botnet payload. So far in 2020, Proofpoint has observed Emotet targeting pharmaceutical companies in the US, Mexico, Germany, Japan and Australia amongst other regions and sectors.

Javvad Malik, Security Awareness Advocate
InfoSec Expert
January 20, 2020 10:58 am

Emotet is quite difficult to mitigate against with any one security control because of the various techniques and methods it employs.

While it is important to have technical controls in place, many of the social engineering techniques can bypass technical controls. Therefore, it’s vital that organisations invest in providing security awareness and training to employees so that they can be better equipped to identify and report any suspicious activity.

Sherrod DeGrippo, Senior Director, Threat Research and Detection
InfoSec Expert
January 17, 2020 8:24 pm

Emotet is one of the world’s most disruptive threats and organizations worldwide should take its return seriously. They have a massive sending infrastructure—nobody hits volumes like they do.

TA542’s recent uptick in activity shows that threat actors work smarter not harder. They took 150 days off in 2019 and even with breaks, they’re incredibly effective. When TA542 returned in September 2019 from a summer hiatus, they accounted for over 11% of all malicious attachments we saw globally for the entire third quarter of that year despite being active for only two weeks during that three-month period.

It’s important security teams continue to secure their email channel and educate users regarding the increased risks associated with email attachments.
