Emotet operators are taking advantage of the Halloween trick-or-treating festivities in their own way. As in 2019, they were seen playing a Halloween trick again this year, running lucrative campaigns to target their victims.

Emotet’s Halloween party

BleepingComputer reported Halloween-themed campaigns distributing Emotet through spam emails with Word attachments containing malicious macros.
  • Microsoft Security Intelligence warned about the use of unique email subjects posing as invitations to a Halloween party, such as "Happy Halloween", "Halloween invitation", and "Halloween Party".
  • However, Emotet operators were using their usual document template, which asks users to upgrade their installed Microsoft Word version, rather than a template customized for Halloween.
  • FireEye's Alex Lanstein spotted different names used for the malicious Word attachments in the campaign. These malicious attachments, with the standard buttons to Enable Editing and Enable Content, tricked the victims into installing Emotet.
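
A mail-gateway triage check for the lure described above, as an added example that is not from the article or any vendor named in it: it flags the three subject lines the article lists and Word attachments that carry a VBA macro project. The function names, the addresses and the file name `party.docm` are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lures named in the article, matched case-insensitively.
LURES = ("happy halloween", "halloween invitation", "halloween party")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc (OLE2) header

def has_vba(data):
    """True if an OOXML (zip) Word file contains a VBA project part."""
    if not data.startswith(b"PK"):
        return False
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            return any(n.lower().endswith("vbaproject.bin") for n in z.namelist())
    except zipfile.BadZipFile:
        return False

def triage(raw):
    """Return the reasons a raw RFC 5322 message deserves quarantine/review."""
    msg = message_from_bytes(raw, policy=policy.default)
    subject = (msg["Subject"] or "").lower()
    reasons = ["lure-subject"] if any(s in subject for s in LURES) else []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name = part.get_filename() or "unnamed"
        if has_vba(data):
            reasons.append("vba-macro:" + name)
        elif data.startswith(OLE_MAGIC):
            # Legacy binary .doc: macros possible, needs a deeper OLE scan.
            reasons.append("legacy-ole-doc:" + name)
    return reasons

def sample_message(subject, with_macro_doc):
    """Build a constructed test message (not a real Emotet sample)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content("See attached.")
    if with_macro_doc:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as z:
            z.writestr("word/document.xml", "<w:document/>")
            z.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
        m.add_attachment(buf.getvalue(), maintype="application",
                         subtype="octet-stream", filename="party.docm")
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(sample_message("Halloween invitation", True)))
```

A subject match alone is a weak signal; the macro-bearing attachment is what should drive quarantine, since the article notes the operators reuse their usual document template regardless of theme.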

Emotet in recent attacks

Emotet operators have varied their lures in recent campaigns.
  • In October, Emotet attacks focused on lures related to Windows OS Update.
  • Emotet operators used a template involving Microsoft productivity tools (such as Microsoft Office 365) to gain the trust of their potential targets.

A nationwide alert

After observing Emotet’s skyrocketing activity, CISA raised a national-level security alert to warn multiple state and local governments in the U.S.

Endnotes

In recent times, Emotet operators have sharpened their attacks by all means. Since its return, the malware has spewed massive amounts of malicious spam worldwide, using generic and currently newsworthy lures such as COVID-19 and the U.S. President’s health. Users should stay informed about these new tactics, strictly avoid opening attachments or links from suspicious email addresses, and use spam filters to detect unsolicited emails.

Cyware Publisher