[German]CERT-Bund informs that the cyber criminals behind the malware Emotet are currently rolling out new malware via their Command & Control servers (C&C servers). In addition, German city of Neustadt am Rübenberge has been infected by Emotet.
At the end of August 2019 I had reported that the remote cyber criminals had returned after a ‘summer break’ and booted the C&C servers. I had this in the blog post CERT-Bund warns: Emotet is back, C&C servers online again. There you can also find hints about Emotet. Now I just came across a warning of the CERT-Bund about the following tweet, which points to the following facts.
— CERT-Bund (@certbund) September 10, 2019
The tweet from German CERT-Bund warns about the Emotet trojan. They say, the malware Emotet are currently dpwnloading new malware via their Command & Control servers (C&C servers). The following tweet addresses the same topic:
Emotet is back ! pic.twitter.com/QJZlGgDzId
— Raashid Bhat (@raashidbhatt) August 23, 2019
Administrators who block the relevant C&C servers in their network firewalls must therefore react. The following tweet specifies the Pastebin address with the latest block lists.
— Cryptolaemus (@Cryptolaemus1) September 9, 2019
To late for Neustadt
German site heise reported here, that the city council of Neustadt am Rübenberge was just recently infected by Emotet. Until next Friday the local network of the city administration remains switched off. Neustadt am Rübenberge is located near Hanover (i.e. Heise-Land). According to German site NDR several offices of the city have become victims of the blackmail Trojan Emotet. The Emotet infection was probably caused by an infected e-mail attachment.
Until the end of the week the computers may not be used and the city administration is therefore at present only limited able to work. The car registration office is closed, the employees have no e-mail function. It is also not currently possible to apply for identity cards or passports.
Cookies helps to fund this blog: Cookie settings