
Cyber security research groups observe signs of Emotet malware returning and rebuilding its botnet via TrickBot

On Monday 15th of November 2021, the Emotet research groups Cryptolaemus, GData, and Advanced Intel started to observe the TrickBot malware dropping a loader for Emotet on infected devices. Emotet was once considered the most widely spread malware, but at the start of the year it was taken down by an international law enforcement action coordinated by Europol and Eurojust. There are now signs that a new variant of Emotet is being distributed through the TrickBot malware.

Emotet was used to infect devices in order to conduct spam campaigns and install other payloads such as the Qbot and TrickBot malware. These payloads are known to be used by threat actors who are looking to deploy ransomware. This concerns cyber security researchers, as the rebuilding of the Emotet botnet could lead to an increase in ransomware attacks. The botnet seems to be rebuilding itself through TrickBot's infrastructure.
