EMOTET

Emotet is back after a three-month hiatus

The infamous Emotet malware is back after a short hiatus; threat actors are spreading it via Microsoft OneNote email attachments. The…

2 years ago

Emotet is back and delivers payloads like IcedID and Bumblebee

The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint…

3 years ago

Experts analyzed the evolution of the Emotet supply chain

Threat actors behind the Emotet bot are continually improving their tactics, techniques, and procedures to avoid detection. VMware researchers have…

3 years ago

New Emotet variant uses a module to steal data from Google Chrome

Researchers spotted a new variant of the Emotet bot that uses a new module to steal credit card information stored…

3 years ago

Emotet tests new attack chain in low volume campaigns

Emotet operators are testing new attack techniques in response to Microsoft's move to disable Visual Basic for Applications (VBA) macros…

3 years ago

New Emotet botnet is rapidly growing, with +130K unique bots spread across 179 countries

A few months after its return, the Emotet botnet has already infected over 130,000 unique bots spread across 179 countries.…

3 years ago

Microsoft disables the ms-appinstaller protocol because it was abused to spread malware

Microsoft temporarily disabled the ms-appinstaller protocol for MSIX because it was abused by malware, such as Emotet. Microsoft announced to have temporarily…

3 years ago

Emotet spam uses unconventional IP address formats to evade detection

Experts warn of an Emotet malware campaign using "unconventional" IP address formats in an attempt to evade detection. Threat actors behind a…

3 years ago

Emotet directly drops Cobalt Strike beacons without intermediate Trojans

The Emotet malware continues to evolve; in the latest attacks, it directly installs Cobalt Strike beacons to give the attackers…

4 years ago

The newer cybercrime triad: TrickBot-Emotet-Conti

Advanced Intelligence researchers argue that the restarting of the Emotet botnet was driven by the Conti ransomware gang. Early this year,…

4 years ago