Emotet malware just made the coronavirus harmful for machines too

May 5, 2020

Over the last few months, cyber security analysts and research companies have been issuing warnings about the continuing increase in malware attacks, specifically those involving Emotet.

The U.S. Cybersecurity and Infrastructure Security Agency has issued a warning as well, reporting a huge growth in targeted malware attacks using Emotet.

Emotet started life as a banking Trojan more than four years ago. In its short history, its makers have steadily introduced additional functionality, developing the malware into a dropper that can be used to install extra malicious code on endpoints it has infected, and giving it the ability to scrape victims’ PCs for personal and sensitive information.

These hackers are leveraging international fear and panic to further their agenda and spread the malware. This time, the coronavirus is their catalyst. One major instance was reported when a tech company detected several malicious emails from Japan that were disguised as government welfare information.

The emails contained alleged reports of infected patients in several regions of Japan, including Osaka, Gifu, and Tottori. They were so convincing that they looked almost exactly like official Japanese government correspondence, complete with agency addresses, phone numbers, and even legitimate email addresses, which made them very effective.

Just one unsuspecting victim is enough to help spread the malware to other users' machines or, worse, across the network. According to several other security firms, the email messages contained a variety of files. Aside from a Word file, there were .mp4 and even .pdf files. Each file claimed to contain instructions and details regarding the coronavirus: its origin, countries affected, number of confirmed cases, fatalities, detection, and even up-to-date information from world health authorities.

Once Emotet has been downloaded, it uses the infected machine to send out additional phishing emails and junk mail in an effort to grow the botnet, according to recent reports from security analysts.

These hackers have also used emails about current events and worldwide concerns to spread the malware before. Just last year, around September, attackers sent phishing emails that claimed to include a copy of Edward Snowden’s memoir, which had been released a couple of weeks earlier, in an attached MS Word file. Once the file was downloaded and opened, malicious macros in the document launched a PowerShell command, which then downloaded the Emotet malware onto the infected system.
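The macro-to-PowerShell step described above appears in process-creation telemetry as PowerShell with an Office application somewhere in its ancestry. The following detection code is an added example, not part of the original article: it assumes records shaped like Sysmon Event ID 1 (the sample events and their short GUIDs are constructed), and it goes slightly beyond the case in the text by also catching PowerShell launched through an intermediate process such as cmd.exe.

```python
from pathlib import PureWindowsPath

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}

# Constructed sample events using Sysmon Event ID 1 field names.
# Real ProcessGuid values are full GUIDs; short ids are used here for readability.
SAMPLE_EVENTS = [
    {"ProcessGuid": "g1", "ParentProcessGuid": "g0",
     "Image": r"C:\Windows\explorer.exe"},
    {"ProcessGuid": "g2", "ParentProcessGuid": "g1",
     "Image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
    {"ProcessGuid": "g3", "ParentProcessGuid": "g2",
     "Image": r"C:\Windows\System32\cmd.exe"},
    {"ProcessGuid": "g4", "ParentProcessGuid": "g3",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"ProcessGuid": "g5", "ParentProcessGuid": "g1",  # user-started, benign
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
]

def exe_name(image):
    """Lower-cased file name of a Windows image path."""
    return PureWindowsPath(image).name.lower()

def office_ancestry(event, by_guid, max_depth=8):
    """Return the chain from an Office ancestor down to event, or None."""
    chain = [exe_name(event["Image"])]
    seen = {event["ProcessGuid"]}  # guards against loops in malformed data
    parent = by_guid.get(event.get("ParentProcessGuid"))
    while parent and parent["ProcessGuid"] not in seen and len(chain) <= max_depth:
        chain.append(exe_name(parent["Image"]))
        if chain[-1] in OFFICE:
            return list(reversed(chain))
        seen.add(parent["ProcessGuid"])
        parent = by_guid.get(parent.get("ParentProcessGuid"))
    return None

def find_office_spawned_powershell(events):
    """Flag PowerShell processes that descend from an Office application."""
    by_guid = {e["ProcessGuid"]: e for e in events}
    alerts = []
    for e in events:
        if exe_name(e["Image"]) in POWERSHELL:
            chain = office_ancestry(e, by_guid)
            if chain:
                alerts.append({"ProcessGuid": e["ProcessGuid"], "chain": chain})
    return alerts

if __name__ == "__main__":
    for alert in find_office_spawned_powershell(SAMPLE_EVENTS):
        print(alert["ProcessGuid"], " -> ".join(alert["chain"]))
```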
