• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Technologous - Managed IT Solutions Bryan/College Station

  • Home
  • About
    • Areas We Serve
    • Our Leadership
      • Chris Dawson
      • Ian Soares
  • IT Services
    • Managed IT
    • Support IT
    • Cloud IT
  • Blog
  • Request a Consultation
  • Contact
You are here: Home / Blog / This New Malware, Emotet, Added An Email Attachment Stealer

This New Malware, Emotet, Added An Email Attachment Stealer

Emotet’s massive botnet was dormant for several months, but on July 17th, 2020, it suddenly rumbled back to life.

It started spewing out massive numbers of phishing emails aimed at installing Trickbot payloads on anyone unfortunate enough to open one of their poisoned emails. The emails are often described as invoices, manifests, and the like.

In recent days, security researchers have noted that Emotet has begun swapping Trickbot payloads out with QakBot payloads, which include the use of the ProLock ransomware strain. Whichever payload is deployed, however, security researchers have noticed something else. Emotet got another upgrade.

The upgrade takes the form of an email attachment stealer. Once installed on a target system, it will scan that target’s inbox and sent folders looking for email attachments. The malware isn’t picky, and will take anything, copying whatever files it finds and sending them to the command and control server so it can recycle and reuse the attachments on future phishing emails.

This may not sound like it, but is actually a devastatingly effective strategy. By using live files, the phishing emails gain a further air of authenticity. The data those files contain looks legitimate because it is legitimate in that the file was generated by someone working for a corporation and sent around to others for review.

Worse, Emotet doesn’t show any signs of slowing down. This week, based on statistics compiled by the interactive malware analysis platform AnyRun, Emotet was ranked as the malware threat of the week. It was measured by uploads, with nearly ten times the total uploads as njRAT, which claimed the #2 spot.

Given the size of the Emotet botnet, this is definitely a threat to be mindful of. Make sure your IT staff is aware of the large scale, ongoing phishing campaign by the botnet and be sure to remind all of your employees not to open any email attachments unless they’re absolutely certain where they’re coming from.

August 15, 2020 Filed Under: Blog Tagged With: Email, emotet, malware, Phishing emails

Primary Sidebar

GET OUR BLOG IN YOUR EMAIL!

Archives

  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • April 2020
  • March 2020
  • February 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • August 2018

Tags

adobe android App Apple attack Attacks Breach Browser Chrome Credit Card Dark Web Data Database Data Breach Email Facebook Firefox gmail Google Google Chrome government hacker Hackers information iOS iPhone malware Microsoft Microsoft Windows 10 office 365 Password Passwords patch Phishing ransomeware Ransomware Scam security Social Media Update Vulnerability Wifi Windows Windows 7 Windows 10

Footer

Contact Us

Address: 3091 University Drive, Unit 210, Bryan, Texas 77802
Phone: 979-217-1226

Our Blog

  • Careless Oversight Causes Nissan Breach January 19, 2021
  • Adobe Flash Is Done, and Flash Content Is Now Blocked January 18, 2021
  • QRat Malware Has an Email Offer January 16, 2021
  • PayPal Phishing Wants Account Info January 15, 2021
  • Babuk Locker Ransomware Found On The Internet January 14, 2021

Search

Follow Us

  • Facebook
  • Home
  • About
  • Resources
  • Contact
  • Our Leadership
  • Why Choose Us?
  • IT Services
  • Request a Consultation

Copyright © 2021| All Rights Reserved | Powered By Technologous, LLC | Log in