Emotet was first discovered in 2014 as a simple banking trojan designed to steal sensitive data from a victim’s computer.
It is highly active, and the threat actor group (TA542) behind the malware strain continues to add sophistication and new attack methods to thwart detection and remediation.
Emotet continues to be the most destructive malware affecting governments and the private and public sectors.
Emotet Campaign after Holiday Break
The new sample expands the infection geographically, adding dozens of countries around the world as targets, and expands the languages used from English alone to English plus Chinese, German, Italian, Japanese and Spanish.
TA542 is known for having a massive sending infrastructure capable of sending millions of email messages. Proofpoint observed that on Monday alone they have sent “nearly three-quarters of a million messages and they’re already fast approaching one million messages total.”
Emotet is a serious threat: it is capable of downloading and installing a range of additional malware. It is wormable, so an infection spreads rapidly across the network.
It is known for distributing various popular malware families such as AZORult, IcedID, ZeuS Panda, and TrickBot.
Emotet is generally distributed through spam emails with a particular theme, such as invoices, reports, documents, shipping information or voice mail.
Organizations are advised to ensure their mail traffic is safe and that users are aware of emails that urge them to act quickly by opening links or attachments.