Emotet Botnet Resumed Activity after Five Months of Inactivity

The Emotet botnet resumed activity and began sending out malicious spam again after a five-month break, during which the malware practically “lay low.” So far, Emotet is not delivering additional payloads to the infected devices of victims, so it is not yet possible to say exactly what this malicious campaign will lead to. Let me… Continue reading Emotet Botnet Resumed Activity after Five Months of Inactivity

Emotet Malware Operators Found a Bug in Their Bootloader

Emotet malware operators have fixed a bug due to which, after opening a malicious document the system was not infected, and launched a phishing campaign again. Let me remind you, by the way, that at the end of last year we wrote that Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware. Emotet’s main… Continue reading Emotet Malware Operators Found a Bug in Their Bootloader

TrickBot causes crashes on the machines when cybersecurity experts studying it

TrickBot malware has received new features that make it more difficult to investigate and detect — for example, TrickBot has learned to crash the browser when suspicious manipulations are detected. TrickBot is one of the most famous and “successful” malware to date. The malware was first noticed back in 2015, shortly after a series of… Continue reading TrickBot causes crashes on the machines when cybersecurity experts studying it

Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware

The latest of this year, December’s patch Tuesday brought fixes for six 0-day vulnerabilities in Microsoft products, including a bug in the Windows AppX Installer that uses Emotet malware to spread. Microsoft patched 67 vulnerabilities in its products this month, seven of which are classified as critical and 60 are classified as important. Separately, Microsoft… Continue reading Microsoft patches Windows AppX Installer vulnerability that spreads Emotet malware

Emotet now installs Cobalt Strike beacons

The researchers warn that Emotet now directly installs Cobalt Strike beacons on infected systems, providing immediate access to the network for attackers. Those can use it for lateral movement, which will greatly facilitate extortion attacks. Let me remind you that usually Emotet installs TrickBot or Qbot malware on the victim’s machines, and that one already… Continue reading Emotet now installs Cobalt Strike beacons

In August, the updated Qbot Trojan first entered the top of the most widespread malware

Check Point has released its monthly Global Threat Index for August 2020. According to the researchers, the updated Qbot Trojan (aka QuakBot, Qakbot, and Pinkslipbot) first entered the TOP of the most widespread malware in the world, where it took tenth place. Experts discovered Qbot in 2008; over the years, it has evolved from an… Continue reading In August, the updated Qbot Trojan first entered the top of the most widespread malware

Microsoft recommends Exchange administrators to disable SMBv1

Microsoft strongly recommends administrators disable the SMBv1 protocol on Exchange servers to protect against threats that exploit its vulnerabilities. Let me remind you that Microsoft has been implementing a systematic refusal to use the outdated SMBv1 for a long time. So, since 2016, the company has advised administrators to withdraw from SMBv1 support since this… Continue reading Microsoft recommends Exchange administrators to disable SMBv1

Trojan Emotet is trying to spread through available Wi-Fi networks

Binary Defense analysts noticed that the new version of the Emotet Trojan behaves like a Wi-Fi worm, as it tries to spread and infect new victims through Wi-Fi networks available nearby. Researchers say that to detect the nearest Wi-Fi networks, the malware uses wlanAPI.dll on an already infected machine. Having discovered an available network, Emotet… Continue reading Trojan Emotet is trying to spread through available Wi-Fi networks

Greta Thunberg became the most popular character in phishing campaigns

Check Point analysts prepared a traditional monthly report on the most active threats, the Global Threat Index. Greta Thunberg and Christmas became the most popular topics in spamming and phishing campaigns. For already three months, the Emotet Trojan has occupied one of the leading positions among malware: in December, Emotet affected 13% of organizations worldwide,… Continue reading Greta Thunberg became the most popular character in phishing campaigns

Emotet topped the rating of the most common threats in 2022

Any.Run, interactive service for automated malware analysis has compiled a list of the ten most common threats downloaded to this platform. The Trojan Emotet topped this 2019 threat rating. The top includes malware designed to steal all types of confidential information, bank details, and remote access tools to control a hacked host. No.1 Emotet –… Continue reading Emotet topped the rating of the most common threats in 2022