Notorious Emotet Malware Returns With High-Volume Malspam Campaign
2022-11-21 14:24

The notorious Emotet malware has returned with renewed vigor as part of a high-volume malspam campaign designed to drop payloads like IcedID and Bumblebee.

"Hundreds of thousands of emails per day" have been sent since early November 2022, enterprise security company Proofpoint said last week, adding, "The new activity suggests Emotet is returning to its full functionality acting as a delivery network for major malware families."

Europol called Emotet the "world's most dangerous malware" for its ability to act as a "primary door opener for computer systems" to deploy next-stage binaries that facilitate data theft and ransomware.

"Therefore, it is interesting to note that this new campaign of Emotet is using its old method of distributing malicious Microsoft Office documents via email-based phishing."

One of the follow-on payloads distributed through Emotet is a brand new variant of the IcedID loader, which receives commands to read and send file contents to a remote server, in addition to executing other backdoor instructions that allow it to extract web browser data.

Another malware dropped via Emotet is Bumblebee, according to Palo Alto Networks Unit 42.


News URL

https://thehackernews.com/2022/11/notorious-emotet-malware-returns-with.html