Emotet was first discovered by security researchers in 2014. Emotet is a generic form of malware that is mostly used as a downloader for other types of malware. In July 2018, the U.S. Homeland Security Department issued a warning on Emotet, identifying it as a sophisticated, customizable trojan banking.
How does Emotet propagate?
Originally, emotet campaigns were launched through malware emails. Such emails appear to be in line with traditional malware concepts in many instances. These emails contain harmful attachments such as doc, pdf, etc. Once the consumer opens the connection, Emotet will be downloaded and released.
It has many features such as extracting information, collecting addresses, spamming, lateral dissemination, and other malware launching.
What makes it so dangerous?
Emotet acts as a loader for other malware, it can result in a wide range of consequences and harmful behavior that ranges from campaign to campaign. Emotet-infected organizations and the other trojans that it installs can encounter any of the following:
- Theft of data, including compromised keys for the network and email address, and any codes saved in web browsers.
- Account lockouts caused by the attempt by the malware to propagate internally across the network utilizing stolen passwords using brute force attacks.
- Disabled protection software, Windows Defender in particular.
- Email hijacking takes place by scraping names and email addresses from the mail server account of the victim and then using the account to send out more malware, essentially turning victims into spammers.
- Fraudulent transactions or withdrawals of bank accounts arising from trojans and empty their funds.
- Keep up to date with the latest operating system, security software.
- Do not open any link from an unknown/untrusted source in the mail.
- Don’t use an unknown/untrusted source provided attachments.
- Keep strong passwords.
- Use 2FA(two factor authentication) wherever possible.