Security News > 2023 > March > Emotet malware now distributed in Microsoft OneNote files to evade defenses
The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more targets.
Emotet is a notorious malware botnet historically distributed through Microsoft Word and Excel attachments that contain malicious macros.
Due to this, BleepingComputer predicted that Emotet would switch to Microsoft OneNote files, which have become a popular method for distributing malware after Microsoft began blocking macros.
As predicted, in an Emotet spam campaign first spotted by security researcher abel, the threat actors have now begun distributing the Emotet malware using malicious Microsoft OneNote attachments.
Microsoft OneNote has become a massive malware distribution problem, with multiple malware campaigns using these attachments.
Admins can use these group policies to either block embedded files in Microsoft OneNote altogether or allow you to specify specific file extensions that should be blocked from running.
News URL
Related news
- Microsoft OneNote to get enhanced security after recent malware abuse (source)
- Emotet Malware Makes a Comeback with New Evasion Techniques (source)
- Hackers weaponize Microsoft Visual Studio add-ins to push malware (source)
- Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware (source)
- New QakNote attacks push QBot malware via Microsoft OneNote files (source)
- Hackers backdoor Microsoft IIS servers with new Frebniis malware (source)
- How to prevent Microsoft OneNote files from infecting Windows with malware (source)
- Emotet malware attacks return after three-month break (source)
- Microsoft to boost protection against malicious OneNote documents (source)
- Emotet Rises Again: Evades Macro Security via OneNote Attachments (source)