HP noted a significant increase in malicious spam campaigns using Emotet malware during the third quarter in the “HP-Bromium Threat Insights Report, October 2020.”
1. Malicious spam campaigns distributing Emotet malware were up 1,200 percent in the third quarter compared to the second quarter. Emotet is often used to deploy further infections, including TrickBot, to compromised computer systems.
2. Emotet malware is often a precursor to human-operated ransomware attacks, according to the report. The report noted Trojans were the malware type used in 43 percent of attacks, followed by potentially unwanted applications at 21 percent and downloaders at 6 percent.
3. During the third quarter, 25 percent of the Emotet spam was sent to .org domains to give ransomware actors access to systems including Microsoft Windows. In Windows, Emotet convinces users to run a malicious Word document emailed to them.
4. Once in the system, Emotet spreads by replying to existing email threads with a malicious attachment or hyperlink, so the message seems to come from a familiar sender.
5. The report notes an atypical spam campaign detected in July delivered TrickBot banking malware with embedded payloads in Word documents; a second, larger campaign was detected in September.
© Copyright ASC COMMUNICATIONS 2020.