Emotet strikes again this time in Greece

After a short break of two weeks, a huge του Emotet botnet που πραγματοποιείται μέσω ανεπιθύμητων μηνυμάτων ηλεκτρονικού ταχυδρομείου βρίσκεται και πάλι σε εξέλιξη.  Μέχρι πρόσφατα, οι περισσότερες επιθέσεις έχουν καταγραφεί σε χρήστες στην Ελλάδα (17.7%), ενώ εξίσου σημαντικός αριθμός επιθέσεων σημειώνεται σε Ιαπωνία (16.5%) και Λιθουανία (15.3%).

According to Forrester, The is one of the top cyber threats to watch out for in 2020, and with a workforce working remotely in different locations, many organizations may be more vulnerable than ever.

Botnet operations can grow in sophistication, carrying out a wide range of illegal activities such as gathering program information , συλλογή κωδικών πρόσβασης, κλοπή διαπιστευτηρίων σύνδεσης από τραπεζικούς ιστότοπους ή ανάπτυξη ransomware.

In the recent malware of Emotet, spam usually contains stolen legitimate communication and a general "Please see attached document" lure.

Attached this time is a malicious document detected by ESET as GenScript.KLH. This is a document containing a malicious VBA, identified as VBA / TrojanDownloader.Agent, which is the beginning of a chain infection infection.

Emotet is considered particularly dangerous, as it then installs other malicious programs on the victim's computer, such as Trickbot and QBot. Trickbot and QBot have their own malicious activity, however in turn they can lead to Conti (Trickbot) or Ryuk ransomware attacks.


Είναι σημαντικό να τονιστεί ότι, παρά την τεράστια κακόβουλη επιχείρηση του Emotet botnet, η δράση του κακόβουλου TrickBot – το οποίο, από το 2016, έχει προσβάλλει πάνω από ένα εκατομμύριο υπολογιστές- παραμένει σε σαφώς περιορισμένα επίπεδα χάρη στην κοινή προσπάθεια αναχαίτισής του από τις ESET, , Lumen's Black Lotus Labs Threat Research, NTT and others.

Trickbot is known to steal users' credentials from compromised computers and, more recently, it has been observed as a mechanism for carrying out more serious attacks, such as ransomware attacks.

The coordinated global operation interferes with Trickbot by crashing the servers and . ESET contributed to the effort by providing technical analysis, statistics, and command and control server names and IP addresses.

Dealing with such a threat may seem like a daunting task, but there are ways in which organizations can protect themselves from botnet attacks.

Businesses also need to ensure that their networks are always up to date recent security updates, preventing cybercriminals from exploiting potential . Επιπλέον, καθώς οι απομακρυσμένες θύρες μπορούν να μετατραπούν σε σημείο εισόδου των χάκερς, οι επιχειρήσεις θα πρέπει να περιορίσουν όσο γίνεται περισσότερο την πρόσβαση – ειδικά όταν πρόκειται για RDP.

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).