Nastier than WannaCry and harder to stop

Emotet is a mature piece of malware, regularly updated with shape-shifting techniques, and it has evolved into an entire platform. Due to its polymorphic nature it is impossible to consistently identify Emotet by signature alone. In fact, in just the last two weeks of January 2019, Sophos Labs saw 4,500 unique Emotet payload executables.

Indeed, the US Department of Homeland Security considers it amongst the most costly and destructive threats to US businesses right now.

Emotet is not a new piece of malware, but it’s one that’s got steadily more complex and more destructive.

We started seeing Emotet five years ago. It started off as a Trojan that silently stole banking credentials. Since then it has evolved into a highly sophisticated platform for distributing other kinds of malware. It is crimeware-as-a-service.

Emotet serves up whatever malware pays. So far this year that’s meant TrickBot and QBot banking Trojans, although it’s also been linked with BitPaymer – a strain of sophisticated ransomware that extorts six-figure payouts.

The people behind Emotet are highly professional and financially motivated, and they are constantly evolving their threat to make it more powerful and destructive.

First contact with Emotet usually comes in the form of a familiar-looking email message with an attachment or a link. The attachment urges the recipient to click on “Enable Editing”, and from there it is off to the races.
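The page does not say what the attachment does once the user clicks through, but the Emotet lure documents of this period are widely documented as Office files carrying VBA macros. The script below is an added example, not code from the original post or from Sophos: it parses an email message and flags attachments that can carry macros before the user ever sees the “Enable Editing” prompt. The message, the attachment names and the attachment contents are all constructed inline; it uses only the Python standard library, and it checks three things: a macro-enabled file extension, the legacy OLE container signature used by old-style .doc files, and a vbaProject.bin entry inside an OOXML zip.

```python
"""Flag e-mail attachments that can carry Office macros (constructed sample data)."""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage

# Magic bytes of the legacy OLE compound-file container (.doc, .xls, ...),
# which can embed a VBA project without any tell-tale file extension.
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"

# OOXML extensions that are explicitly macro-enabled.
MACRO_EXTENSIONS = {".docm", ".dotm", ".xlsm", ".xltm", ".pptm"}


def inspect_attachment(filename: str, data: bytes) -> list[str]:
    """Return the reasons this attachment deserves quarantine; empty means not flagged."""
    reasons = []
    lower = filename.lower()
    ext = lower[lower.rfind("."):] if "." in lower else ""
    if ext in MACRO_EXTENSIONS:
        reasons.append("macro-enabled extension")
    if data.startswith(OLE_MAGIC):
        reasons.append("legacy OLE container (can embed VBA)")
    if data[:2] == b"PK":  # OOXML files (.docx/.docm/...) are zip archives
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = zf.namelist()
        except zipfile.BadZipFile:
            return reasons + ["corrupt zip container"]
        if any(n.lower().endswith("vbaproject.bin") for n in names):
            reasons.append("OOXML file contains vbaProject.bin (VBA macros)")
    return reasons


def scan_message(raw: bytes) -> dict[str, list[str]]:
    """Map each attachment filename in a raw RFC 5322 message to its findings."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        findings[name] = inspect_attachment(name, payload)
    return findings


def _ooxml(with_macro: bool) -> bytes:
    """Build a minimal constructed OOXML zip, optionally with a VBA project entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"\x00" * 16)  # placeholder bytes
    return buf.getvalue()


def build_sample_message() -> bytes:
    """Construct a sample invoice-themed message with three attachments (not a real capture)."""
    msg = EmailMessage()
    msg["From"] = "accounts@example.invalid"
    msg["To"] = "finance@example.invalid"
    msg["Subject"] = "Invoice 4471 (constructed sample)"
    msg.set_content("Please open the attached invoice and click Enable Editing.")
    msg.add_attachment(_ooxml(True), maintype="application",
                       subtype="vnd.ms-word.document.macroEnabled.12",
                       filename="Invoice_4471.docm")
    msg.add_attachment(_ooxml(False), maintype="application",
                       subtype="vnd.openxmlformats-officedocument.wordprocessingml.document",
                       filename="clean_report.docx")
    msg.add_attachment(OLE_MAGIC + b"\x00" * 504, maintype="application",
                       subtype="msword", filename="Statement.doc")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reasons in scan_message(build_sample_message()).items():
        print(f"{name}: {'FLAG: ' + '; '.join(reasons) if reasons else 'ok'}")
```

A mail gateway would run `scan_message` on each inbound message and quarantine anything with a non-empty finding list; the legacy OLE check matters because a `.doc` file has no macro-specific extension, so the extension test alone would let it through.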

Emotet spreads as wide and as quickly as possible, infecting every machine that it touches. The malware is designed to re-infect machines after they have been cleaned up.

As with many types of malware, Emotet may stay quiet and just learn. At some point Emotet will call home for more instructions, at which time a banking Trojan payload will be deposited on your machine, just waiting for you to connect to a financial institution.

A data breach element exists as well. Emotet will skim off your email addresses and names, later to be sold off for spam campaigns.

Emotet also has a security breach element that harvests your browser history, including saved user names and passwords.

All of this may be a smokescreen for the real purpose of the attack: ransomware.

How will your company detect Emotet or any malware? How will your company respond and eradicate the malware?

