Emotet C&C servers deliver new malware

[German]CERT-Bund informs that the cyber criminals behind the malware Emotet are currently rolling out new malware via their Command & Control servers (C&C servers). In addition, German city of Neustadt am Rübenberge has been infected by Emotet.


Advertising

CERT-Bund warns

At the end of August 2019 I had reported that the remote cyber criminals had returned after a 'summer break' and booted the C&C servers. I had this in the blog post CERT-Bund warns: Emotet is back, C&C servers online again. There you can also find hints about Emotet. Now I just came across a warning of the CERT-Bund about the following tweet, which points to the following facts.

The tweet from German CERT-Bund warns about the Emotet trojan. They say, the malware Emotet are currently dpwnloading new malware via their Command & Control servers (C&C servers). The following tweet addresses the same topic:

Administrators who block the relevant C&C servers in their network firewalls must therefore react. The following tweet specifies the Pastebin address with the latest block lists.


Advertising

To late for Neustadt

German site heise reported here, that the city council of Neustadt am Rübenberge was just recently infected by Emotet. Until next Friday the local network of the city administration remains switched off. Neustadt am Rübenberge is located near Hanover (i.e. Heise-Land). According to German site NDR several offices of the city have become victims of the blackmail Trojan Emotet. The Emotet infection was probably caused by an infected e-mail attachment. 

Until the end of the week the computers may not be used and the city administration is therefore at present only limited able to work. The car registration office is closed, the employees have no e-mail function. It is also not currently possible to apply for identity cards or passports.


Advertising

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).