How the new campaign of the dangerous Emotet malware works

Malicious email attachments

This type of threat works through malicious attachments that the attackers send to the victim by email. The goal is for the victim to open the email and download the file, which is actually the malware. The attachments carry malicious macros or JavaScript and, when opened, download the Emotet DLL and load it on the computer through PowerShell.

When this malware runs, the first thing it does is search for all kinds of emails and steal them, in order to carry out more spam campaigns and reach more victims. In addition, other malware such as TrickBot or Qbot will also sneak into the system, which can lead to ransomware attacks.

Without a doubt, ransomware attacks are one of the most important problems today. What the attacker wants is to encrypt the victim's computer. In return, the attacker will demand a financial ransom to release the files or to let the victim back into the computer.

But what are those attachments usually? Generally, the Emotet botnet uses Word, Excel or ZIP files, and they are often password protected. This is a phishing attack, since it uses bait so that the victim ends up clicking and downloading something.

These phishing emails arrive as a chain. That is, the attackers manage to get hold of a large number of email addresses and send the malware to many recipients. They usually use bait such as a supposedly canceled meeting, a problem with a service, an order that has not been sent correctly, and so on: anything that catches the victim's attention and gets a click.

Once you enable editing of a file, the payload automatically runs. That’s when the Emotet malware really starts to kick in.
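A mail-filter style check for the attachment traits described above (password-protected archives, Office files carrying macros, script files), given here as an added example that is not part of the original article or of any product. The function names and the sample message are constructed for illustration, and the sample contains no real malware.

```python
import email, email.policy, io, zipfile
from email.message import EmailMessage

def triage_attachment(data):
    """Return the reasons an attachment should be held for review."""
    reasons = []
    if data.startswith(bytes.fromhex("D0CF11E0A1B11AE1")):  # OLE2 magic: legacy .doc/.xls
        reasons.append("legacy Office file, may contain macros")
    elif zipfile.is_zipfile(io.BytesIO(data)):  # ZIP archives and modern Office files
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            infos = zf.infolist()
        if any(i.flag_bits & 0x1 for i in infos):  # bit 0 = encrypted entry
            reasons.append("password-protected archive, cannot be scanned")
        names = [i.filename.lower() for i in infos]
        if any(n.endswith("vbaproject.bin") for n in names):
            reasons.append("Office document with VBA macros")
        if any(n.endswith((".js", ".jse", ".vbs", ".wsf")) for n in names):
            reasons.append("script file inside archive")
    return reasons

def triage_message(raw):
    """Map each attachment filename in a raw .eml message to its findings."""
    msg = email.message_from_bytes(raw, policy=email.policy.default)
    return {p.get_filename(): triage_attachment(p.get_payload(decode=True) or b"")
            for p in msg.iter_attachments()}

def _zip(members, encrypted=False):  # constructed test data: small in-memory ZIP
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in members.items():
            zf.writestr(name, body)
    data = bytearray(buf.getvalue())
    if encrypted:  # set the "encrypted" flag bit in the first central-directory entry
        data[data.index(b"PK\x01\x02") + 8] |= 0x1
    return bytes(data)

def build_sample():  # constructed message imitating the bait above, no real malware
    msg = EmailMessage()
    msg.set_content("Canceled meeting, see attachment. Password: 1234")
    files = {"meeting.zip": _zip({"meeting.js": "x"}, encrypted=True),
             "order.docm": _zip({"word/vbaProject.bin": "x"}),
             "notes.zip": _zip({"notes.txt": "x"})}
    for name, data in files.items():
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage_message(build_sample()))
```

File names inside a password-protected ZIP usually stay readable even though the content is encrypted, which is why the script-extension check still works on the first sample.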

How to protect ourselves from Emotet

What can we do to protect ourselves from Emotet and prevent our computer from being infected with malware? First and foremost is common sense. We must avoid clicking on any link or downloading any attachment that reaches us without really knowing where it came from.

Also, to prevent our email address from ending up in a spam campaign of this type, it is important not to make the address public in open forums or on websites where bots or any intruder can access it.

On the other hand, keeping equipment up to date and secure will always be very important. We must have a good antivirus to protect us. There are many options, such as Windows Defender, Avast, Bitdefender or any other. We should also have the latest versions of the system, so that any vulnerabilities that may exist are corrected. You can check if your computer is affected by Emotet.

In short, Emotet is back with new spam campaigns that can put our security at risk. It is essential to be protected and not make any kind of mistake.
