Security News > 2020 > January > U.N. Weathers Storm of Emotet-TrickBot Malware

U.N. Weathers Storm of Emotet-TrickBot Malware
2020-01-15 18:57

The operators behind the notorious Emotet malware have taken aim at United Nations personnel in a targeted attack ultimately bent on delivering the TrickBot trojan.

Emotet started life as a banking trojan in 2014 and has continually evolved to become a full-service threat-delivery mechanism.

In the case of the U.N. attacks, Emotet was seen attempting to send out spam emails to additional victims and download second-stage malicious payloads, including the TrickBot trojan, which can harvest various passwords and credentials from infected machines.

According to eSentire's Annual Threat Intelligence Report, released this week, Emotet accounted for almost a fifth of confirmed malware incidents in 2019, making it the most-observed threat in eSentire's telemetry both on networks and on endpoints - despite a midyear hiatus when the malware's command-and-control servers were dormant.

"Because these attacks differ from the normal Emotet spam campaigns, we know that the bad actors are specifically tailoring their approach based on other knowledge or data they've acquired. This is an extremely common tactic in today's threat landscape, and cybercriminals are leveraging swaths of information to launch highly convincing impersonation-based attacks."


News URL

https://threatpost.com/un-weathers-emotet-trickbot-malware/151894/