Security News > 2021 > December > Emotet’s Behavior & Spread Are Omens of Ransomware Attacks
The rapid spread of Emotet via TrickBot and its behavior since the malware resurfaced last month could signal that a spate of ransomware attacks are on the way, spurring researchers to warn organizations to buckle up and get ready.
On Wednesday, Check Point Research also published a report that warned of imminent ransomware attacks now that TrickBot is dropping Emotet samples, especially given that TrickBot has amassed 140,000 victims across 149 countries in only 10 months.
TrickBot's recently discovered spread of Emotet is a strong indicator of future ransomware attacks, as the malware provides ransomware gangs a backdoor into compromised machines, researchers said in the report.
TrickBot and Emotet - "Two of the largest botnets in history," according to Check Point - are cozy bedfellows and have been paired together often in the past by threat actors to mount numerous attacks.
Emotet also is now back to using malicious documents to drop its samples, as well as riding along with TrickBot, according to Check Point, which detailed an Emotet infection carried out in this way.
"The return can also cause an increase in ransomware attacks as Emotet is known to drop various ransomware in the past."
News URL
https://threatpost.com/emotets-behavior-spread-are-omens-of-ransomware-attacks/176845/
Related news
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks (source)