Microsoft OneNote email attachments are now being used to spread the infamous Emotet malware, which is making a brief comeback. The approach aims to compromise systems by getting around macro-based security measures.
Despite attempts by law enforcement to neutralise it, Emotet, connected to a threat actor tracked as Gold Crestwood, Mummy Spider, or TA542, remains a formidable and tenacious menace.
Emotet is a variant of the banking worm Cridex, which was later replaced by Dridex around the time GameOver Zeus was shut down in 2014. Since then, Emotet has developed into a “monetized platform for other threat actors to run malicious campaigns on a pay-per-install (PPI) model, allowing theft of sensitive data and ransom extortion.”
While Emotet infections served as a conduit for Cobalt Strike, IcedID, Qakbot, Quantum ransomware, and TrickBot, its reappearance in late 2021 was made possible by TrickBot.
“Emotet is renowned for extended periods o
[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents