Do you receive spam related to your previous emails?

Two weeks after services in France, Japan and New Zealand published warnings about increasing Emotet activity, new warnings were published in Italy and the Netherlands, and also by Microsoft.

These new alerts come as Emotet activity continues to grow, overshadowing any other malware activity that is active today.

Emotet is by far the largest malware botnet. It was dormant for most of this year, from February to July, but apparently came back for good.

Unfortunately, the inactivity didn't last long, and Emotet's operators are back in full control of their botnet, which they're using to send more and more spam.

These spam emails come with malicious files, which infect the host with the Emotet malware. Soon afterwards, the gang sells access to these infected hosts to other gangs of ransomware operators.

Many times, and especially in large corporate environments, an Emotet infection can turn into a ransomware attack within a few hours.

This is why cyber security services and CERT teams in France, Japan, New Zealand, Italy and the Netherlands are so scared of Emotet spam campaigns and issue defense-boosting alerts.

Emotet currently prefers to use a technique called “email chains” or “hijacked threads.”

With this technique, the Emotet gang first steals an existing email chain from an infected host and then replies to the emails using the existing subject. The spoofed email comes with a forged sender identity and contains a malicious document, in the hope of tricking the email chain participants into opening the attachment and infecting their systems.

Emotet has been using this technique since October 2018 but has improved it a lot lately.

The technique is quite clever and effective, and was analyzed in a report published today by Palo Alto Networks.

However, the notices from Microsoft and the Italian authorities also warn of another recent change in Emotet's spam campaigns, which now also use password-protected ZIP files instead of Office documents.

The idea is that email security gateways cannot open such password-protected files to scan their contents, and so won't see any traces of the malware they contain.
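A gateway that cannot look inside a password-protected ZIP can still tell that the archive is encrypted, because each ZIP entry carries an encryption flag in its unencrypted header. The sketch below is an added example, not code from the article or from any vendor: it flags mail that is both a reply in an existing thread and carries such an unscannable ZIP. The addresses, file names, sample message and the quarantine rule are constructed assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ENCRYPTED = 0x1  # ZIP general-purpose flag bit 0: entry is encrypted

def encrypted_entries(blob: bytes) -> list[str]:
    """Names of encrypted entries; the central directory is readable without a password."""
    try:
        with zipfile.ZipFile(io.BytesIO(blob)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED]
    except zipfile.BadZipFile:
        return []

def triage(raw: bytes) -> dict:
    """Flag a reply in a thread that carries a ZIP the gateway cannot scan."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = str(msg["Subject"] or "").lower()
    is_reply = bool(msg["In-Reply-To"] or msg["References"]) or subject.startswith("re:")
    unscannable = {}
    for part in msg.iter_attachments():
        blob = part.get_payload(decode=True) or b""
        if blob.startswith(b"PK\x03\x04"):  # trust the content, not the file extension
            names = encrypted_entries(blob)
            if names:
                unscannable[part.get_filename() or "(unnamed)"] = names
    return {"reply": is_reply, "unscannable": unscannable,
            "quarantine": is_reply and bool(unscannable)}

def sample(encrypted: bool) -> bytes:
    """Constructed test mail: a reply with a harmless ZIP, optionally marked encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.doc", b"constructed sample, not malware")
    blob = bytearray(buf.getvalue())
    if encrypted:  # zipfile cannot write encrypted archives, so set flag bit 0 by hand
        blob[6] |= ENCRYPTED                               # local file header flags
        blob[blob.rfind(b"PK\x01\x02") + 8] |= ENCRYPTED   # central directory flags
    msg = EmailMessage()
    msg["From"], msg["To"] = "colleague@example.com", "user@example.com"
    msg["Subject"], msg["In-Reply-To"] = "Re: Q3 invoice", "<abc@example.com>"
    msg.set_content("Please see attached. Password: 1234")
    msg.add_attachment(bytes(blob), maintype="application", subtype="zip",
                       filename="invoice.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(sample(encrypted=True)))
```

Legitimate senders also reply with password-protected archives, so a hit is a reason to hold the message for review, not proof of Emotet.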


Written by giorgos
