Malware Spotlight: Emotet

  • Published: Wednesday, Sept. 16, 2020

The Emotet Trojan was first discovered in 2014. Designed as a banking Trojan, its purpose was to infect your computer in order to steal sensitive information. It is delivered by email containing malicious links, scripts or macro-enabled file attachments.

Over the years, Emotet has been refined and has become more sophisticated. It uses several persistence methods, including auto-start registry keys and services, and its ability to avoid detection has enabled it to thrive. The Trojan is virtual-environment aware and can generate deceptive indicators when running in one. It can self-replicate quickly before being detected and can therefore harvest a lot of private and sensitive information.

Victims of Emotet may suffer loss of data, the costs of mitigation and interruption of service, and reputational damage.

Security is best done in layers. Taking this approach is the best way to protect your users and organization.

  • Use anti-virus software.
  • Employ a spam/email filtering system.
  • Keep hardware and software patched and up to date.
  • Implement an ongoing cybersecurity awareness training program that includes phishing education.
  • Set access controls that will prevent executables or other file extensions from running. 
  • Control privileged access for users.
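
As an added illustration of what the email filtering layer looks for, given the delivery methods described above (example code written for this page, not any product's implementation): the script walks a message's MIME parts and flags macro-enabled attachments, script attachments and links. The extension lists, function names and the sample message are assumptions constructed for the example.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed extension lists for this example; a real filter's policy will differ.
MACRO_EXTS = {".docm", ".xlsm", ".pptm", ".dotm", ".xlsb"}
SCRIPT_EXTS = {".js", ".vbs", ".wsf", ".ps1", ".hta", ".bat"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def has_vba_project(data):
    """True if data is an Office Open XML (zip) file that carries a VBA macro project."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
    except zipfile.BadZipFile:
        return False  # not a zip container, so no embedded macro project to find

def scan_message(raw):
    """Return (reason, detail) findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        ext = name[name.rfind("."):] if "." in name else ""
        if name:
            data = part.get_payload(decode=True) or b""
            # Inspect content as well as the name: a renamed file still carries its macros.
            if ext in MACRO_EXTS or has_vba_project(data):
                findings.append(("macro-attachment", name))
            elif ext in SCRIPT_EXTS:
                findings.append(("script-attachment", name))
        elif part.get_content_maintype() == "text":
            for url in URL_RE.findall(part.get_content()):
                findings.append(("link", url))
    return findings

def build_sample():
    """Constructed sample: a message with a link and a .docx that contains a macro project."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr("word/vbaProject.bin", b"\x00constructed placeholder")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "a@example.com", "b@example.com", "Invoice"
    msg.set_content("Please review: http://example.com/invoice")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="Invoice.docx")
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` reports the link and flags the attachment even though its name ends in `.docx`, because the content check finds the macro project inside the file.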

Resources:

Japan, France, New Zealand Warn of Sudden Uptick in Emotet Trojan Attacks