Emotet growing slowly but steadily since November resurgence
2022-03-08 15:00

The notorious Emotet botnet is still being distributed steadily in the wild, having now infected 92,000 systems in 172 countries.

Emotet activity stopped in 2019 while its second major version was in circulation, and the malware returned only in November 2021, with the help of Trickbot.

The Emotet botnet started to slowly recreate itself in November, seeing far greater distribution via phishing campaigns beginning in January 2022.

The new Emotet campaign also includes features like a new elliptic curve cryptography scheme that replaces the RSA encryption used for network traffic protection and validation.

The malware authors have now added more info-gathering capabilities for better system profiling, whereas previously, Emotet would only send back a list of running processes.

Black Lotus reports that there are currently 170 unique C2s supporting Emotet's resurgence, with the number growing slowly but steadily.


News URL

https://www.bleepingcomputer.com/news/security/emotet-growing-slowly-but-steadily-since-november-resurgence/