Emotet's operators continue to build up the botnet's capacity through malicious mailings. In February, Kaspersky Lab's security solutions blocked about 3,000 spam emails generated by the Trojan; in March, the number of such messages increased to 30,000. To raise the infection rate, the malware was given 64-bit modules (previously it attacked only 32-bit systems).
The Emotet botnet, taken down by the concerted efforts of eight countries, began to revive at the end of last year. Within four months, the underlying Trojan managed to infiltrate 130,000 computers, and it continues to actively spread itself through spam to this day.
According to Kaspersky's observations, the number of malicious emails originating from this botnet increased tenfold in a month. The fake messages, as a rule, took the form of a reply to an email sent by the victim and carried an attachment or a link to a legitimate web service. The mailings were made in 10 languages, including Russian; their goal was to deliver Emotet or Qbot.
Check Point also noticed a sharp increase in Emotet activity. Compiling their March malware ranking by this indicator, the experts put the Trojan in first place.
The Cryptolaemus cybersecurity team, which tracks events on the botnet, has recorded the appearance of new 64-bit Emotet modules, for downloading additional files and for stealing data.
It is worth mentioning that these researchers distinguish between several botnets based on this malware; each is called Epoch, followed by a serial number. Epoch 4, on which 64-bit versions of the Emotet loader and infostealer were discovered on April 19, is usually used to test innovations. A day later, a new loader appeared in the Epoch 5 infrastructure (via an update).
It is noteworthy that after the Emotet update, its detection rate fell by 60% and then began to rise. As of 11 am on April 20, the results on VirusTotal for Epoch 4 and 5 are about the same: 18 out of 68 in the first case, 18 out of 61 in the second.