Security News > 2021 > December > Emotet’s Behavior & Spread Are Omens of Ransomware Attacks
The rapid spread of Emotet via TrickBot and its behavior since the malware resurfaced last month could signal that a spate of ransomware attacks are on the way, spurring researchers to warn organizations to buckle up and get ready.
On Wednesday, Check Point Research also published a report that warned of imminent ransomware attacks now that TrickBot is dropping Emotet samples, especially given that TrickBot has amassed 140,000 victims across 149 countries in only 10 months.
TrickBot's recently discovered spread of Emotet is a strong indicator of future ransomware attacks, as the malware provides ransomware gangs a backdoor into compromised machines, researchers said in the report.
TrickBot and Emotet - "Two of the largest botnets in history," according to Check Point - are cozy bedfellows and have been paired together often in the past by threat actors to mount numerous attacks.
Emotet also is now back to using malicious documents to drop its samples, as well as riding along with TrickBot, according to Check Point, which detailed an Emotet infection carried out in this way.
"The return can also cause an increase in ransomware attacks as Emotet is known to drop various ransomware in the past."
News URL
https://threatpost.com/emotets-behavior-spread-are-omens-of-ransomware-attacks/176845/
Related news
- Hyundai Motor Europe hit by Black Basta ransomware attack (source)
- Ransomware attack forces 18 Romanian hospitals to go offline (source)
- Ransomware attack forces 21 Romanian hospitals to go offline (source)
- Ransomware attack forces 25 Romanian hospitals to go offline (source)
- Ransomware attack forces 100 Romanian hospitals to go offline (source)
- Trans-Northern Pipelines investigating ALPHV ransomware attack claims (source)
- LockBit claims ransomware attack on Fulton County, Georgia (source)
- Critical infrastructure software maker confirms ransomware attack (source)
- ScreenConnect servers hacked in LockBit ransomware attacks (source)
- New ScreenConnect RCE flaw exploited in ransomware attacks (source)