Emotet is causing problems yet again.
The infamous trojan Emotet, which started its life in 2014 as a banking trojan, has reappeared in the news twice now in the last month. In mid-February the nefarious malware started a new campaign targeting random users, claiming to have video of them browsing certain adult websites.
Unlike some other sextortion campaigns, such as those of the Necurs botnet, Emotet consistently targeted users at their workplace email addresses, heightening the panic of victims as they realize that their browsing habits could be exposed not only to family, but also to their employer. In January alone, Emotet collected almost $60,000 in bitcoin from its victims, far exceeding the closest competitor, Necurs, which came in at around $6,000. There have even been some recent instances of Emotet exploiting the coronavirus health scare, luring users into installing malware and opening themselves up to the modular menace.
Most recently, the modular and customizable aspect of Emotet has been on display. The biggest headline for this month is that Emotet has now started distributing itself within a Wi-Fi network. Initially it is downloaded from an infected phishing email. From there it proceeds to brute force its way onto an insecure Wi-Fi network, and if it succeeds it then infects every other device on the network. This has increased the overall pervasiveness of the malware and kept it as one of the nastier trojans out in the wild.
Even with its relatively advanced age, Emotet is still severe enough to remain on several notable threat lists year after year, including a place on Any.Run's top ten most prevalent threats and a top five spot on Malwarebytes' State of Malware report in 2020.
The good news is that the initial infection model of Emotet hasn’t changed much over six years. It still requires a user to interact with a phishing email of some sort. As long as you are using good common sense and not taking for granted any email that requires you to click or provide input, you should have little to no concerns that Emotet will show up on your networks. As always, having an informed and cautious user base will work to your advantage when dealing with phishing malware of this type.