saw a new variant of the Mirai botnet, which now involves 11 new exploits. Among…
Emotet appeared back in 2014, but it was one of the most active threats among malware.
“Malware was spreading using spam mails and through malicious Office documents. Such letters can be disguised as invoices, warnings about account security, party invitations, and even information about the spread of the coronavirus”, – explained Bleeping Computer journalists.
Hackers seem to be closely monitoring global trends and constantly improving their lures.
Although Emotet once began its journey as a classic banking trojan, the threat is now highly modified, and the group successfully collaborates with other criminal groups.
Today Emotet is distributed within the network. Emotet can even act as a Wi-Fi service.
“Emotet uses the infected machines to spread spam messages, and other malware as “Trickbot”, miners, info-stealers, as well as ransomware like Ryuk”, — said Bleeping Computer reporters.
CSIS Specialists, Microsoft, Malwarebytes, Abuse.ch, Spamhaus, as well as a group of independent Cryptolaemus researchers, who have been closely monitoring the botnet’s activity for several years, recorded the return of Emotet at the end of last week.
Experts write that the new spam campaign targets users from the US and the UK, and letters are written in English in Word documents, or contain URLs that are commonly loaded on hacked WordPress sites. Documents like these are dangerous due to malicious macros that (if enabled) will eventually download and install Emotet.
The researchers note that along with the already known templates, the Word application also uses a new template that allows users to view all documents that were created in iOS.
According to experts, more than 250,000 such letters have already been sent during the new campaign.
It should be noted that this is not the first long break in Emotet’s activity. Last year, the botnet was inactive for about four months, but then it resumed work. Spamhaus specialists provided this information.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…