[German]The cyber criminals behind the blackmail Trojan Emotet malware are currently running a new ransomware campaign. Security authorities in various countries are warning of new waves of attacks.
Emotet started it’s life as a simple banking Trojan when it was created in 2014 by a hacker group with various names, including TA542, Mealybug and MUMMY SPIDER. Since that time, Emotet has evolved as one of the longest running and most dangerous ransomware variants. At the beginning of 2020, there was some calm because a security researcher had found an antidote (see EmoCrash protectet systems for 6 months against emotet-infections).
But since summer 2020 Emotet is back and currently the backers are running new campaigns to distribute the blackmail strojan. The countries France, Japan and New Zealand are currently affected by a wave of Emotet attacks. Therefore the responsible cyber security authorities have issued warnings. Bleeping Computer has here addressed the warning of the cyber security authorities of France.
ZDNet reports a sharp increase in Emotet attacks. According to ZDNet, the warnings of Emotet refer to e-mail spam campaigns. These emanate from the Emotet infrastructure and target companies and government agencies in these countries.
In France, Emotet infected computers on the network of the Parisian justice system. The French Ministry of the Interior blocked the delivery of all office documents (.doc) by email. The French cyber security agency ANSSI issued an official cyber security warning this week on Monday. ANSSI asked government agencies to be vigilant about the emails they open.
Emotet C&C servers deliver new malware
FAQ: Responding to an Emotet infection
CERT-Bund/BSI Warning about Emotet-Trojan/Ransomware
Cryptolaemus and the fight against Emotet
Emotet Trojan can overload computers on the network
Microsoft warns of massive Emotet campaign
EmoCrash protectet systems for 6 months against emotet-infections