US Cybersecurity Agency Issues Emotet Warning

America's Cybersecurity and Infrastructure Security Agency (CISA) issued a warning yesterday after observing an increase in the number of targeted cyber-attacks that utilize Emotet.

Emotet functions as a modular botnet that can steal data, send malicious emails, and act as a dropper, downloading and installing a wide range of malware onto a victim's computer. This sophisticated strain of malware was developed by threat group TA542. 

CISA said: "Emotet primarily spreads via malicious email attachments and attempts to proliferate within a network by brute forcing user credentials and writing to shared drives. If successful, an attacker could use an Emotet infection to obtain sensitive information."

The agency warned that such an attack could result in the loss of money and of proprietary information as well as cause "disruption to operations and harm to reputation."

CISA advised users and system administrators to block email attachments such as .dll and .exe, which are commonly associated with malware, and to block any email attachments that cannot be scanned by antivirus software.

Further protection measures suggested by CISA are to implement firewalls, an antivirus program, and a formalized patch management process.

To stop a virus from running rampant around your network, CISA recommended segmenting and segregating networks and functions. 

The warning comes a week after cybersecurity firm Proofpoint announced that Emotet was back and causing trouble with a new campaign after taking what appeared to be a Christmas break. Researchers spotted Emotet going after targets in the pharmace ..

Support the originator by clicking the read the rest link below.