The Emotet virus is making a comeback and could be even more dangerous than before


“At around 21:26 UTC on Sunday, November 14th, we observed on some of our Trickbot trackers that bots attempted to download DLLs onto their systems. Internal processing identified these DLLs as Emotet. Resurrected from the dead. Emotet malware has become the solution of choice for cybercriminals who use their infrastructure to access targeted systems on a global scale. The operators then sold this access to other cybercrime groups to deploy ransomware such as Ryuk, Conti, ProLock and Egregor.

Cybersecurity experts have once again started watching threat actors drop malware to revive the infamous Emotet botnet. In January of this year, European and North American law enforcement agencies joined forces to sabotage and take down the Emotet botnet. However, several security vendors and researchers, including Cryptolaemus, GData, and Advanced Intel, have since found activity indicating an imminent resurgence of Emotet.

Highlights

  • The number of commands (the “order count”) went from 3-4 to 7. The downloaded binary appears to have different execution options (the payloads are just DLLs). The researchers saw no evidence yet of the Emotet botnet sending spam or of malicious documents dropping the malware, but added that it is just a matter of time.

  • BleepingComputer reports on the development and notes a clear shift in tactics: the threat actors behind Emotet’s resurgence are rebuilding the botnet through existing TrickBot infections, in what is being called “Operation Reacharound”. It points out that TrickBot’s infrastructure is being used to seed the Emotet botnet. The Emotet research group Cryptolaemus began analyzing the new Emotet loader and noticed a change from the past: “So far I can definitely see that the command buffer has changed.
