Security News > 2020 > January > Coronavirus Campaigns Spread Emotet, Malware

Coronavirus Campaigns Spread Emotet, Malware
2020-01-30 18:20

A recent spate of malicious, botnet-driven emails is using the coronavirus as a theme, according to telemetry from IBM X-Force and Kaspersky.

"Previously, Japanese Emotet emails have been focused on corporate style payment notifications and invoices, following a similar strategy as emails targeting European victims," said the firm.

As with most Emotet email-borne attacks, if the attachment is opened with macros enabled, an obfuscated VBA macro script opens Powershell and installs an Emotet downloader in the background.

"The extracted macros are using the same obfuscation technique as other Emotet emails observed in the past few weeks," IBM X-Force analysts said.

"As people continue to be worried for their health, we may see more and more malware hidden inside fake documents about the coronavirus being spread," wrote Anton Ivanov, Kaspersky malware analyst, in the report.


News URL

https://threatpost.com/coronavirus-propagate-emotet/152404/