Trickbot restores Emotet: 140,000 victims in 149 countries

Check Point Research (CPR), the research arm of Check Point Software Technologies, is warning about potential ransomware attacks as it sees samples of Emotet spreading rapidly through Trickbot. Since the takedown of Emotet by the authorities, CPR estimates 140,000 Trickbot victims in 149 countries in just 10 months. New samples of Emotet spread through Trickbot were discovered by CPR on November 15, 2021.

Emotet is a strong indicator of future ransomware attacks, as the malware provides ransomware gangs with access to compromised devices.

Check Point Research (CPR) sees samples of Emotet spreading rapidly through increased Trickbot activity. Emotet, once described as "the most dangerous malware in the world", provides threat actors with backdoors into compromised devices, which could be leased to ransomware gangs and used for their own campaigns. The return of Emotet is therefore a strong indication of future ransomware attacks.

At the beginning of the year, an international law enforcement operation coordinated by Europol and Eurojust managed to take control of Emotet's infrastructure and arrested individuals. Ten months later, on November 15, 2021, Trickbot-infected devices began dropping Emotet samples by pushing password-protected zip files to users, which contain malicious documents that rebuild Emotet's […]. Emotet has also upgraded its capabilities, adding some new tricks to its toolbox.

Chart 1. Victims of Emotet in the year 2021.

140,000+ Trickbot victims

Trickbot has shown a persistent growth rate. CPR has identified more than 140,000 victims affected by it since the Emotet botnet takedown, including organizations and individuals. Trickbot affected a total of 149 countries, or more than 75% of all countries in the world.

Chart 2. Trickbot dynamics in infected machines since November 1


Trickbot and Geographic Data

Almost one third of all Trickbot targets are in Portugal and the USA.

Chart 3. Trickbot victims from November 1, 2020, grouped by country


Trickbot per Market

CPR monitored the distribution of victims by industry, which is shown in the graph below. Victims from high-profile industries make up more than 50% of all victims.

Chart 4. Trickbot victims from November 1, 2020, grouped by industry

Comment by Lotem Finkelstein, Head of Threat Intelligence at Check Point Software:

"Emotet was the most powerful botnet in the history of cybercrime with a rich infection base. Now, Emotet has resold its infection base to other threat actors to spread their malicious software, most commonly ransomware. The return of Emotet is an important warning sign for another increase in ransomware attacks as we enter 2022."

"Trickbot, which has always worked with Emotet, facilitates its return by promoting it to infected victims. This has allowed Emotet to start from a very stable position rather than from scratch. In just two weeks it became the 7th most popular malware, as you will notice in the most recent list of the most prevalent malware. Emotet is the best indicator we have for future ransomware attacks, and we should deal with Emotet and Trickbot infections as ransomware; otherwise it's only a matter of time before we face a real ransomware attack."


Written by newsbot
