Emotet Trojan's Spam Campaigns Multiply and Begin Attacking 64-bit Systems

The operators of the Emotet botnet continue to build up its combat potential through malicious mailings. In February, Kaspersky Lab security solutions blocked 3,000 spam emails generated by the Trojan; in March, the number of such messages increased to 30,000. To increase the percentage of infections, the malware was given 64-bit modules (previously it attacked only 32-bit systems).

The Emotet botnet, defeated by the concerted efforts of eight countries, began to revive at the end of last year. Within four months, the underlying Trojan managed to infiltrate 130,000 computers, and it continues to actively spread itself through spam to this day.

According to Kaspersky's observations, the number of malicious emails originating from this botnet increased tenfold in a month. The fake messages, as a rule, took the form of a reply to an email the victim had sent and carried an attachment or a link to a legitimate web service. The mailings were made in 10 languages, including Russian; their goal was to deliver Emotet or Qbot.

Check Point also noticed a sharp increase in Emotet activity. In compiling their March malware ranking, the experts put the Trojan in first place.

The Cryptolaemus cybersecurity team, which monitors events on the botnet, has recorded the appearance of new 64-bit Emotet modules for downloading additional files and for stealing data.

It is worth mentioning that these researchers distinguish between several botnets based on this malware; they are called Epoch, with a serial number appended. Epoch 4, on which 64-bit versions of the Emotet loader and infostealer were discovered on April 19, is usually used to test innovations. A day later, a new loader appeared in the Epoch 5 infrastructure (via an update).

It is noteworthy that after the Emotet update, its detection rate fell by 60% and then began to rise. As of 11 am on April 20, the results on VirusTotal for Epoch 4 and 5 are about the same: 18 out of 68 in the first case, 18 out of 61 in the second.
