Deprecated: Creation of dynamic property KEYDESIGN_ADDON_CLASS::$elements_folder is deprecated in /var/www/html/logix2022/wp-content/plugins/viva-addon/viva-addon.php on line 97

Deprecated: Creation of dynamic property KEYDESIGN_ADDON_CLASS::$params_dir is deprecated in /var/www/html/logix2022/wp-content/plugins/viva-addon/viva-addon.php on line 98

Deprecated: Creation of dynamic property Woo_Custom_Related_Products::$VERSION is deprecated in /var/www/html/logix2022/wp-content/plugins/woo-custom-related-products/includes/class-woo-custom-related-products.php on line 61

Deprecated: Creation of dynamic property WCS_Retry_Admin::$setting_id is deprecated in /var/www/html/logix2022/wp-content/plugins/woocommerce-subscriptions/includes/payment-retry/class-wcs-retry-admin.php on line 22
Emotet Malware spreading extensively via Microsoft Documents in emails - Logix InfoSecurity
Logix InfoSecurity > Blog > Emotet Malware spreading extensively via Microsoft Documents in emails

Emotet Malware spreading extensively via Microsoft Documents in emails

Hackers are trying to deliver Emotet malware by attaching it to Microsoft Office document via email. Many US citizens were affected by this around their recent Independence Day, by receiving an email with a document named ‘Greeting Card’ containing malicious malware.

EMOTET is a banking Trojan first seen in 2014 targeting customers of German Banks. Unlike other banking Trojans, Emotet is capable of reading the data sent over network connections bypassing HTTPS and other security tools. The recent appearance of this malware was tracked by ZScaler. ZScaler researchers say “We saw over two dozen unique payloads hitting our Cloud Sandbox in the 48-hour span from July 2nd to July 4th earlier this week.”

Once the user downloads the Microsoft Office Attachment and opens, it asks user to ‘Enable Macros’. Microsoft Office by default disables automatic execution of embedded macros until the user specifically selects ‘enable content’.

Enable_Editing_0

(image source: https://www.zscaler.com/blogs/research/independence-day-greeting-campaign-delivers-emotet-5)

Once the user is infected with the traditional email phishing attack,it uses Powershell to execute final WScript for downloading payload. Once it is installed, it is capable of stealing all the credentials through browsers and emails. It is mainly distributed via email phishing campaigns containing Microsoft Office Documents. Every time it emerges with a new capability.

The best precaution is to be extra careful while opening email attachments as Emotet cannot install without a user opening a malicious file. Companies need stronger solutions to plug up the holes in their networks. Use powerful corporate spam filters which block the emails for even the slightest of doubt. To know how to qualify or measure the cyber security and what are the best practices in case of emails our experts at Logix can help you.

Logix Infosecurity helps in identifying spam mails as well as intruders in your system and takes preventive measures. The firewalls are well equipped to keep your organization safe, up and running.

Email Ebook

Leave a Reply

Your email address will not be published. Required fields are marked *

Understand every aspect of the economy and know how to make your next move