Security News > 2023 > March > Emotet malware now distributed in Microsoft OneNote files to evade defenses

Emotet malware now distributed in Microsoft OneNote files to evade defenses
2023-03-18 19:03

The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets.

Emotet is a notorious malware botnet historically distributed through Microsoft Word and Excel attachments that contain malicious macros.

Due to this, BleepingComputer predicted that Emotet would switch to Microsoft OneNote files, which have become a popular method for distributing malware after Microsoft began blocking macros.

As predicted, in an Emotet spam campaign first spotted by security researcher abel, the threat actors have now begun distributing the Emotet malware using malicious Microsoft OneNote attachments.

Microsoft OneNote has become a massive malware distribution problem, with multiple malware campaigns using these attachments.

Admins can use these group policies to either block embedded files in Microsoft OneNote altogether or allow you to specify specific file extensions that should be blocked from running.


News URL

https://www.bleepingcomputer.com/news/security/emotet-malware-now-distributed-in-microsoft-onenote-files-to-evade-defenses/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774