Emotet is one of the notorious malware wreaking havoc across industries by hacking systems. In that latest attack, it took down an entire network of Microsoft by overheating computers.
According to a report by Microsoft Detection and Response Team (DART), Emotet tricked one Microsoft employee into opening a malicious email attachment. A series of events that followed led to a week-long shut down of the organization’s core services by maxing out CPUs.
How was the attack executed?
Emotet malware managed to evade all detection systems as it is regularly controlled by the attacker’s command and control (C2C) server.
Five days after the employee’s credentials were extracted by the phishing email attachment, the Emotet payload was delivered and executed on Fabrikam’s (an alias used for the victim by Microsoft in its case study) PCs.
Soon, malware actors started targeting more employees of Fabrikam and their external contacts using stolen credentials and more systems were affected. The malware took over the control of the entire network by gaining access to the admin account.
Within 8 days since the email attachment was first opened, the entire network crashed despite the best efforts from the IT department of the entity.
All the PCs connected to the network started experiencing overheating, freezing, abrupt shutdowns and reboot due to Blue Screen of Death. Emotet malware also chugged all the bandwidth thus slowing down the internet connection of the network.
emotet malware microsoft entire network overheating
