The Cyber Security News

Emotet Malware Makes a Comeback with New Evasion Techniques

January 24, 2023

The Emotet malware operation has continued to refine its tactics in an effort to fly under the radar, while also acting as a conduit for other dangerous malware such as Bumblebee and IcedID.

Emotet, which formally reemerged in late 2021 following a coordinated takedown of its infrastructure by authorities earlier that year, has continued to be a persistent threat that is distributed through phishing emails.

Attributed to a cybercrime group tracked as TA542 (aka Gold Crestwood or Mummy Spider), the virus has evolved from a banking trojan to a malware distributor since its first appearance in 2014.

The malware-as-a-service (MaaS) is also modular, capable of deploying an array of proprietary and freeware components that can exfiltrate sensitive data from compromised machines and carry out other post-exploitation activities.

The two latest additions to Emotet's module arsenal are an SMB spreader designed to facilitate lateral movement using a list of hard-coded usernames and passwords, and a credit card stealer that targets the Chrome web browser.

Recent campaigns involving the botnet have leveraged generic lures with weaponized attachments to initiate the attack chain. But with macros becoming an obsolete method of payload distribution and initial infection, the attacks have latched on to other methods to sneak Emotet past malware detection tools.

“With the newest wave of Emotet spam emails, the attached .XLS files have a new method for tricking users into allowing macros to download the dropper,” BlackBerry disclosed in a report published last week. “In addition to this, new Emotet variants have now moved from 32bit to 64bit, as another method for evading detection.”

The method involves instructing victims to move the decoy Microsoft Excel files to the default Office Templates folder in Windows, a location trusted by the operating system, so that the malicious macros embedded within the documents execute and deliver Emotet.
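One way a defender could detect the Templates-folder step described above, shown as an added example that is not from the article or from BlackBerry's report: it scans Sysmon-style FileCreate (Event ID 11) records for workbooks written into Office template folders. The folder paths, the extension list and the sample events are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumed default Office template folders (the article does not list paths).
TEMPLATE_DIRS = [
    re.compile(r"^[a-z]:\\program files( \(x86\))?\\microsoft office\\(root\\)?templates$"),
    re.compile(r"^[a-z]:\\users\\[^\\]+\\appdata\\roaming\\microsoft\\templates$"),
]
# Macro-capable workbook formats; genuine templates use .xlt/.xltx/.xltm.
WORKBOOK_EXTS = {".xls", ".xlsm", ".xlsb"}


def in_template_dir(path: str) -> bool:
    """True if the file sits in, or below, an assumed Office Templates folder."""
    parents = PureWindowsPath(path).parents
    return any(rx.match(str(d).lower()) for d in parents for rx in TEMPLATE_DIRS)


def suspicious_template_drops(events):
    """Return FileCreate events that place a workbook into a Templates folder."""
    hits = []
    for ev in events:
        if ev.get("EventID") != 11:  # Sysmon FileCreate only
            continue
        target = ev.get("TargetFilename", "")
        if PureWindowsPath(target).suffix.lower() in WORKBOOK_EXTS and in_template_dir(target):
            hits.append(ev)
    return hits


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Program Files\Microsoft Office\root\Templates\invoice_0123.xls"},
    {"EventID": 11, "Image": r"C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE",
     "TargetFilename": r"C:\Users\alice\AppData\Local\Temp\invoice_0123.xls"},
    {"EventID": 11, "Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "TargetFilename": r"C:\Users\alice\AppData\Roaming\Microsoft\Templates\Budget.xltx"},
    {"EventID": 11, "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"c:\users\bob\appdata\roaming\microsoft\templates\Report.XLSM"},
    {"EventID": 1, "Image": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"},
]

if __name__ == "__main__":
    for ev in suspicious_template_drops(SAMPLE_EVENTS):
        print(f"ALERT {ev['Image']} wrote {ev['TargetFilename']}")
```

In practice the hit list would be joined with later process events to see whether Excel opened the flagged file.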

The development points to Emotet's steady attempts to retool itself and propagate other malware, such as Bumblebee and IcedID.

“With its regular evolution over the last eight-plus years, Emotet has continued to become more sophisticated in terms of evasion techniques, has added more modules in an effort to further propagate itself, and is now spreading malware via phishing campaigns,” the company said.


Some pieces of this report are sourced from:
thehackernews.com
