Security News > 2021 > December > Emotet’s Behavior & Spread Are Omens of Ransomware Attacks

The rapid spread of Emotet via TrickBot and its behavior since the malware resurfaced last month could signal that a spate of ransomware attacks are on the way, spurring researchers to warn organizations to buckle up and get ready.
On Wednesday, Check Point Research also published a report that warned of imminent ransomware attacks now that TrickBot is dropping Emotet samples, especially given that TrickBot has amassed 140,000 victims across 149 countries in only 10 months.
TrickBot's recently discovered spread of Emotet is a strong indicator of future ransomware attacks, as the malware provides ransomware gangs a backdoor into compromised machines, researchers said in the report.
TrickBot and Emotet - "Two of the largest botnets in history," according to Check Point - are cozy bedfellows and have been paired together often in the past by threat actors to mount numerous attacks.
Emotet also is now back to using malicious documents to drop its samples, as well as riding along with TrickBot, according to Check Point, which detailed an Emotet infection carried out in this way.
"The return can also cause an increase in ransomware attacks as Emotet is known to drop various ransomware in the past."
News URL
https://threatpost.com/emotets-behavior-spread-are-omens-of-ransomware-attacks/176845/
Related news
- US indicts 8Base ransomware operators for Phobos encryption attacks (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Lee Enterprises newspaper disruptions caused by ransomware attack (source)
- Southern Water says Black Basta ransomware attack cost £4.5M in expenses (source)
- Qilin ransomware claims attack at Lee Enterprises, leaks stolen data (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hunters International ransomware claims attack on Tata Technologies (source)
- Toronto Zoo shares update on last year's ransomware attack (source)