Published on July 9th, 2019
Emotet Takes a Break, but Possibly Not for Long
Check Point’s researchers believe that Emotet’s infrastructure could be offline for maintenance and upgrade operations, and that as soon as its servers are up and running again, Emotet will be reactivated with new, enhanced threat capabilities.
“Emotet has been around as a banking Trojan since 2014. Since 2018 however we have seen it being used as a botnet in major malspam campaigns and used to distribute other malwares. Even though its infrastructure has been inactive for much of June 2019, it was still #5 in our global malware index, which shows just how much it is being used – and it’s likely that it will re-emerge with new features,” said Maya Horowitz, Director Threat Intelligence & Research at Check Point.
“Once Emotet is installed on a victim’s machine, it can use it to spread itself via further spam campaigns, download other malwares (like Trickbot, which in turn infects the entire hosting network with the infamous Ryuk Ransomware), and spread to further assets in the network.”
Check Point’s Global Threat Impact Index and its ThreatCloud Map are powered by Check Point’s ThreatCloud intelligence, the largest collaborative network to fight cybercrime, which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analyzed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.
Check Point’s Threat Prevention Resources are available at: http://www.checkpoint.com/threat-prevention-resources/index.html
Follow Check Point Research via: https://twitter.com/_cpresearch

| INVESTOR CONTACT: | MEDIA CONTACT: |
|---|---|
| Kip E. Meintzer | Emilie Beneitez Lefebvre |
| Check Point Software Technologies | Check Point Software Technologies |
| +1.650.628.2040 | +44 7785 38302 |