Vectra comments on the resurrection of EMOTET


Emotet

Dangerous malware is doing its mischief again

At the beginning of the year, Emotet, one of the most dangerous types of malware, seemed to be almost finished. In a joint action, security authorities managed to get hold of the cybercriminals and their infrastructure. Now, however, various experts and media outlets are reporting that the malware has reappeared.

Andreas Riepen, Head of Central & Eastern Europe (CEE) at the IT security provider Vectra AI, commenting on the resurrection of the malware EMOTET:


“Although Emotet was a very dangerous malware a few years ago, it belonged to an earlier generation of malware that caused very limited damage to organizations compared to what we are experiencing today. In 2014, the malware focused mainly on the theft of bank data, but experienced a development in which it became mainly a so-called “loader”. Over the past 18 months, we have noticed that this loader loads TrickBot and Qbot on victims’ PCs. At the beginning of the year, the organization was supposed to be stopped by the government.

Recently – and earlier, back in June – new traces of Emotet were found, probably due to the fact that the source code was backed up. To think that it would be gone forever would be a mistake. Many people have dealt with the code and tools over the years.

It is interesting that the attack techniques used since 2014 are very similar. If the DLL has changed and the hashes were different, then in reality the traces left by the tools would have remained the same. For this reason, security tools based on machine learning to detect the resulting behavior of these tools are extremely relevant today and will continue to exist in the foreseeable future.

The fact is that interrupting or destroying the infrastructure can set cybercriminals back by months or even years, but where there is a will, there is also a way – and criminals have repeatedly shown a focused will to steal, cheat and blackmail. It is a good reminder that even with significant victories against criminal groups, individual companies and security professionals still need to remain vigilant.”
