Hackers are trying to deliver Emotet malware by attaching it to Microsoft Office document via email. Many US citizens were affected by this around their recent Independence Day, by receiving an email with a document named ‘Greeting Card’ containing malicious malware.
EMOTET is a banking Trojan first seen in 2014 targeting customers of German Banks. Unlike other banking Trojans, Emotet is capable of reading the data sent over network connections bypassing HTTPS and other security tools. The recent appearance of this malware was tracked by ZScaler. ZScaler researchers say “We saw over two dozen unique payloads hitting our Cloud Sandbox in the 48-hour span from July 2nd to July 4th earlier this week.”
Once the user downloads the Microsoft Office Attachment and opens, it asks user to ‘Enable Macros’. Microsoft Office by default disables automatic execution of embedded macros until the user specifically selects ‘enable content’.
(image source: https://www.zscaler.com/blogs/research/independence-day-greeting-campaign-delivers-emotet-5)
Once the user is infected with the traditional email phishing attack,it uses Powershell to execute final WScript for downloading payload. Once it is installed, it is capable of stealing all the credentials through browsers and emails. It is mainly distributed via email phishing campaigns containing Microsoft Office Documents. Every time it emerges with a new capability.
The best precaution is to be extra careful while opening email attachments as Emotet cannot install without a user opening a malicious file. Companies need stronger solutions to plug up the holes in their networks. Use powerful corporate spam filters which block the emails for even the slightest of doubt. To know how to qualify or measure the cyber security and what are the best practices in case of emails our experts at Logix can help you.
Logix Infosecurity helps in identifying spam mails as well as intruders in your system and takes preventive measures. The firewalls are well equipped to keep your organization safe, up and running.
