Emotet malware now distributed in Microsoft OneNote files to evade defenses

The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets.
Emotet is a notorious malware botnet historically distributed through Microsoft Word and Excel attachments that contain malicious macros.
BleepingComputer predicted that Emotet would switch to Microsoft OneNote files, which have become a popular method for distributing malware since Microsoft began blocking macros.
As predicted, in an Emotet spam campaign first spotted by security researcher abel, the threat actors have now begun distributing the Emotet malware using malicious Microsoft OneNote attachments.
Microsoft OneNote has become a massive malware distribution problem, with multiple malware campaigns using these attachments.
Admins can use group policies to either block embedded files in Microsoft OneNote altogether or specify file extensions that should be blocked from running.
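The two policy choices described above, as an added example that is not part of the original article: a PowerShell script that reports the current user's OneNote embedded-file policy and, with `-Enforce`, writes it. The registry paths and value names are assumed to match the Office 16.0 (OneNote 2016 / Microsoft 365) administrative templates, and the extension list is a constructed sample.

```powershell
# Added example: audit (default) or enforce the OneNote embedded-file policies.
# Assumption: Office 16.0 policy paths. In production, deploy through Group Policy;
# standard users normally cannot write under HKCU:\Software\Policies.
param(
    [switch]$Enforce,           # write the values instead of only reporting
    [switch]$BlockAllEmbedded,  # block every embedded file, not just listed extensions
    # Constructed sample list; adjust to your environment.
    [string[]]$Extensions = @('.js', '.jse', '.vbs', '.wsf', '.hta',
                              '.bat', '.cmd', '.ps1', '.exe', '.lnk')
)

$optionsKey = 'HKCU:\Software\Policies\Microsoft\Office\16.0\OneNote\Options'
$openKey    = Join-Path $optionsKey 'EmbeddedFileOpenOptions'

function Get-PolicyValue([string]$Path, [string]$Name) {
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

if ($Enforce) {
    # Create the key only if missing: New-Item -Force on an existing
    # registry key would recreate it and drop its current values.
    if (-not (Test-Path $openKey)) { New-Item -Path $openKey -Force | Out-Null }
    if ($BlockAllEmbedded) {
        New-ItemProperty -Path $optionsKey -Name 'DisableEmbeddedFiles' `
            -PropertyType DWord -Value 1 -Force | Out-Null
    }
    # The policy stores extensions as one semicolon-separated string.
    New-ItemProperty -Path $openKey -Name 'BlockedExtensions' `
        -PropertyType String -Value ($Extensions -join ';') -Force | Out-Null
}

# Report the effective state and any wanted extension that is not blocked.
$disabled = Get-PolicyValue $optionsKey 'DisableEmbeddedFiles'
$blocked  = @((Get-PolicyValue $openKey 'BlockedExtensions') -split ';' |
              Where-Object { $_ } | ForEach-Object { $_.Trim().ToLower() })

[pscustomobject]@{
    AllEmbeddedFilesBlocked = ($disabled -eq 1)
    BlockedExtensions       = $blocked -join ';'
    MissingFromBlockList    = ($Extensions | Where-Object { $_ -notin $blocked }) -join ';'
}
```

When `AllEmbeddedFilesBlocked` is true the extension list is redundant; otherwise an empty `MissingFromBlockList` means every extension passed in is covered.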