Emotet operators have been working hard to strengthen their infrastructure and ramp up their attacks. Recently, their activities have reached new levels, raising alarms from several cybersecurity agencies across the globe.

What's happening?

In September 2020, cybersecurity agencies from New Zealand, France, and Japan have published security alerts about a sudden spike in Emotet activities.
  • The email spam campaigns originated from Emotet infrastructure (combined E1, E2, and E3 mini-botnets) and targeted companies and government agencies in the three countries.
  • CERT NZ has observed an increase in Emotet activities against New Zealand individuals and businesses spreading via emails and E3 mini-botnet.
  • CERT FR, moreover, noticed an upsurge in targeting French companies and administrations by the Emotet.
  • JPCERT/CC (CERT Japan) has alerted a rapid increase in the Emotet malware infection caused by E1 and E2 mini-botnets.

September got off on the wrong foot

The spike in Emotet malware activities is turning heads, making headlines, and triggering emergency alerts among country officials.
  • The Emotet malware targeted the Paris court and affected several officials such as Remy Heitz, Aude Buresi, and others.
  • In another attack, the malware was found using malicious email attachments that pretended to be from the Windows 10 Mobile OS and tricked users into enabling malicious Word macros.

At one point or another

According to Proofpoint researchers, Emotet is able to send out spam in multiple languages. Thus, researchers expect it to switch targeting and go after other countries as well in the future.

The bottom line

All three security alerts by the cybersecurity agencies provide sound advice for anyone looking for ways to prevent Emotet infections, regardless of the country of origin. According to experts, government and private organizations should pay attention to the emails their employees are opening, as one wrong click can impact the entire network.

Cyware Publisher

Publisher

Cyware