The Emotet botnet resumed activity and began sending out malicious spam again after a five-month break, during which the malware practically “lay low.” So far, Emotet is not delivering additional payloads to the infected devices of victims, so it is not yet possible to say exactly what this malicious campaign will lead to. Let me… Continue reading Emotet Botnet Resumed Activity after Five Months of Inactivity
Tag: Cryptolaemus
Emotet Malware Operators Found a Bug in Their Bootloader
Emotet malware operators have fixed a bug due to which, after opening a malicious document the system was not infected, and launched a phishing campaign again. Let me remind you, by the way, that at the end of last year we wrote that Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware. Emotet’s main… Continue reading Emotet Malware Operators Found a Bug in Their Bootloader
Emotet now installs Cobalt Strike beacons
The researchers warn that Emotet now directly installs Cobalt Strike beacons on infected systems, providing immediate access to the network for attackers. Those can use it for lateral movement, which will greatly facilitate extortion attacks. Let me remind you that usually Emotet installs TrickBot or Qbot malware on the victim’s machines, and that one already… Continue reading Emotet now installs Cobalt Strike beacons