The German Federal Office for Information Security (BSI) is urging companies and citizens to be aware of an advanced persistent threat campaign that uses the Emotet malware. The BSI has observed that fake e-mails sent in the name of colleagues, business partners or acquaintances carry Emotet.
Once it has breached an environment, Emotet is capable of compromising entire networks.
What is Emotet and what makes this malicious software so dangerous?
Behind Emotet are cyber criminals who have adapted and automated the methods of highly professional APT attacks. Through so-called "Outlook Harvesting", Emotet is able to send authentic-looking spam e-mails.
The malware reads out contact relationships and, for some weeks now, also e-mail content from the mailboxes of already infected systems. It automatically uses this information for further distribution, so that recipients receive fake e-mails from senders with whom they have recently been in contact.
Emotet is also able to download additional malicious software as soon as it has infected a computer. These malicious programs allow the attackers to read out credentials and to gain complete remote access to the system.
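The harvesting technique described above produces mails whose display name and quoted content belong to a real recent contact, while the actual sending address and envelope usually do not. The following is an added example, not part of the BSI advisory or of any Emotet sample, that screens a raw message for the header inconsistencies this produces: a known contact's display name paired with an unfamiliar address, a Return-Path or Reply-To domain that differs from the From domain, and a "Re:"/"AW:" subject without the In-Reply-To or References headers a genuine reply would carry. The address book and both sample messages are constructed for the example; the heuristics are assumptions about what a thread-hijacking mail looks like, not indicators taken from the text.

```python
"""Heuristic screen for reply-chain / display-name spoofing mail (added example)."""
from email import message_from_string
from email.utils import parseaddr

# Constructed address book: display name -> the address the recipient really knows.
KNOWN_CONTACTS = {
    "Anna Schmidt": "anna.schmidt@example-partner.de",
    "Jonas Weber": "jonas.weber@example.com",
}

REPLY_PREFIXES = ("re:", "aw:", "fw:", "fwd:", "wg:")  # English and German reply/forward markers


def domain_of(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if there is none."""
    return addr.rpartition("@")[2].lower() if "@" in addr else ""


def screen_message(raw: str, known_contacts=KNOWN_CONTACTS) -> list:
    """Return a list of human-readable findings; an empty list means nothing suspicious."""
    msg = message_from_string(raw)
    findings = []

    name, addr = parseaddr(msg.get("From", ""))
    known = known_contacts.get(name)
    # 1. Display name of a known contact, but a different sending address.
    if known and known.lower() != addr.lower():
        findings.append(
            f"display name '{name}' matches a known contact, but sender {addr} "
            f"differs from the known address {known}"
        )

    # 2. Envelope sender domain does not match the header From domain.
    _, return_path = parseaddr(msg.get("Return-Path", ""))
    if return_path and domain_of(return_path) != domain_of(addr):
        findings.append(
            f"Return-Path domain {domain_of(return_path)} differs from From domain {domain_of(addr)}"
        )

    # 3. Replies would be redirected to a third domain.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != domain_of(addr):
        findings.append(
            f"Reply-To domain {domain_of(reply_to)} differs from From domain {domain_of(addr)}"
        )

    # 4. Subject claims to be a reply, but the threading headers a real reply carries are absent.
    subject = msg.get("Subject", "").strip().lower()
    if subject.startswith(REPLY_PREFIXES) and not (msg.get("In-Reply-To") or msg.get("References")):
        findings.append("subject looks like a reply but In-Reply-To/References headers are missing")

    return findings


# Constructed sample: a genuine reply from the known contact.
LEGIT_MAIL = """\
Return-Path: <anna.schmidt@example-partner.de>
From: Anna Schmidt <anna.schmidt@example-partner.de>
To: buchhaltung@example.org
Subject: Re: Rechnung 2019-03
In-Reply-To: <20190301.1234@example.org>
References: <20190301.1234@example.org>

Hallo, anbei die korrigierte Rechnung.
"""

# Constructed sample: stolen display name and thread subject, but foreign sender and envelope.
SPOOFED_MAIL = """\
Return-Path: <bounce-4711@srv.mailer.example>
From: Anna Schmidt <anna.schmidt@freemail.example>
To: buchhaltung@example.org
Subject: Re: Rechnung 2019-03

> Hallo, anbei die korrigierte Rechnung.
Bitte das angehaengte Dokument pruefen.
"""

if __name__ == "__main__":
    for label, mail in (("legit", LEGIT_MAIL), ("spoofed", SPOOFED_MAIL)):
        print(label, screen_message(mail) or ["no findings"])
```

Running the block prints no findings for the genuine reply and three findings for the spoofed one. The checks are deliberately conservative: a display-name match against the address book is only meaningful for contacts the recipient actually knows, and a Return-Path mismatch alone is common for legitimate mailing-list or marketing mail, so in practice the findings would be scored together rather than blocked individually.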
Most recently, the banking Trojan "Trickbot" has been downloaded in this way. Among other things, it can spread independently within a network using the read-out credentials (Mimikatz) and SMB vulnerabilities (EternalBlue / EternalRomance).
Depending on the network configuration, this has led to the failure of complete corporate networks. Because of constant modifications, the malicious programs are initially not detected by standard antivirus products and make profound changes to infected systems. Cleanup attempts are usually unsuccessful and carry the risk that parts of the malware remain on the system.
Fake e-mails in the name of colleagues, business partners or acquaintances, and malicious software that paralyzes entire corporate networks: Emotet is considered one of the most dangerous malware threats worldwide and, through the download of further malicious programs, is currently causing high damage in Germany.
In recent days, the Federal Office for Information Security (BSI) has received a conspicuous accumulation of reports of serious IT security incidents related to Emotet.