The most dangerous spam-delivered malware, Emotet, is back

Latest Update: 20/10/2023

News of Emotet's return shook the cybersecurity industry. Judging by the statistics gathered so far, Emotet is regarded as the largest and most sophisticated cybercriminal operation of its kind.

The Emotet botnet is back after 5 months of downtime

Emotet was known as the most dangerous malware of 2019. It is distributed to email users through spam emails, and its operations ran until they stopped on February 7, 2020.

The botnet runs on three separate server clusters, named Epoch 1, Epoch 2, and Epoch 3. These are the hubs that send out the spam emails used to infect email users with the malware.

The spam email carries either a .doc attachment or a URL that leads to the download of a .doc file; the document contains malicious macros. If the user opens the file and allows the macros to run, the Emotet malware is installed on the system automatically.
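As an added detection example (not code from the article, and not a real Emotet sample), the following Python scans a raw email for the ingredients of the lure just described: an Office attachment, an OLE2 container that carries a VBA project stream, and a link whose target is an Office document. The sender addresses, host names and file names are constructed for the demonstration, and the macro check is a byte-string heuristic rather than a proper OLE parser; for real triage, run oletools (olevba) on the attachment.

```python
"""Heuristic scan of an email for an Emotet-style Office-macro lure.

Added example, not code from the article. Addresses, host names and
file names are constructed for the demonstration. The VBA check is a
byte-string heuristic; use oletools (olevba) for real triage.
"""
import email
import re
from email import policy
from email.message import EmailMessage

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # legacy .doc/.xls container
ZIP_MAGIC = b"PK\x03\x04"                         # OOXML (.docm/.xlsm) container
OFFICE_EXTS = (".doc", ".dot", ".docm", ".dotm", ".xls", ".xlsm", ".rtf")
MACRO_OOXML_EXTS = (".docm", ".dotm", ".xlsm")
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
# OLE directory entries store stream names as UTF-16LE; a macro-bearing
# document contains a "_VBA_PROJECT" stream (heuristic, not a parser).
VBA_HINT = "_VBA_PROJECT".encode("utf-16-le")


def office_doc_indicators(raw: bytes) -> list[str]:
    """Return human-readable indicators found in a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings: list[str] = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        fname = (part.get_filename() or "").lower()
        if fname or part.get_content_disposition() == "attachment":
            payload = part.get_payload(decode=True) or b""
            if fname.endswith(OFFICE_EXTS):
                findings.append(f"Office attachment: {fname}")
            if payload.startswith(OLE_MAGIC):
                findings.append(f"OLE2 container: {fname}")
                if VBA_HINT in payload:
                    findings.append(f"VBA project stream present: {fname}")
            elif payload.startswith(ZIP_MAGIC) and fname.endswith(MACRO_OOXML_EXTS):
                findings.append(f"macro-enabled OOXML: {fname}")
        elif part.get_content_type() == "text/plain":
            # Links in the body: flag any whose target is an Office document.
            for url in URL_RE.findall(part.get_content()):
                if url.lower().rstrip(".,;)").endswith(OFFICE_EXTS):
                    findings.append(f"link to Office document: {url}")
    return findings


def build_lure_eml() -> bytes:
    """Constructed lure shaped like the one the article describes."""
    msg = EmailMessage()
    msg["From"] = "invoices@example-supplier.test"   # constructed sender
    msg["To"] = "accounts@example-corp.test"         # constructed recipient
    msg["Subject"] = "Invoice 4471 overdue"
    msg.set_content(
        "Please review the attached invoice, or download it here:\n"
        "http://example-lure.test/files/Invoice_4471.doc\n"
    )
    # Fake .doc: valid OLE2 header, padding, then the VBA stream name.
    fake_doc = OLE_MAGIC + b"\x00" * 56 + VBA_HINT
    msg.add_attachment(fake_doc, maintype="application", subtype="msword",
                       filename="Invoice_4471.doc")
    return msg.as_bytes()


def build_benign_eml() -> bytes:
    """Constructed benign message for contrast: PDF link, no attachment."""
    msg = EmailMessage()
    msg["From"] = "newsletter@example-corp.test"
    msg["To"] = "accounts@example-corp.test"
    msg["Subject"] = "Monthly report"
    msg.set_content("The report is at https://intranet.example-corp.test/report.pdf\n")
    return msg.as_bytes()


if __name__ == "__main__":
    for label, raw in (("lure", build_lure_eml()), ("benign", build_benign_eml())):
        print(label, office_doc_indicators(raw) or "no indicators")
```

The scan deliberately reports each indicator separately rather than a single verdict: an Office attachment on its own is normal business traffic, while an OLE2 file with a VBA project stream arriving from an external sender, together with a body link to another .doc, is the combination worth quarantining for analysis.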

Security experts said the three server clusters sent about 80,000 spam emails to email users at a wide range of companies.

The Emotet gang currently operates spam infrastructure to infect email users with the Emotet trojan. It then exploits each successful intrusion either to deploy further malware in follow-on attacks (for example a banking trojan module) or to sell access to the infected machines to other criminal groups, such as ransomware gangs and other malware operators like TrickBot.

Emotet is closely tied to ransomware gangs, and in some countries, such as Germany and the Netherlands, an Emotet infection is rated as just as dangerous as a ransomware attack. When a company or organization detects an Emotet-infected server, it is expected to isolate the infected system and take the whole server offline while investigators trace the intrusion and remove the malware. Isolating the machine at the network level first, rather than powering it off, keeps volatile evidence available to those investigators.

This is not the first time Emotet has gone quiet and then returned in force: it also halted all activity from May to September 2019.

