Emotet hijacks email conversation threads to insert links to malware

Solarquest

Emotet gang takes their operation to a whole new level, showing why they're today's most dangerous malware.

The Emotet malware gang is now using a tactic that has been previously seen used by nation-state hackers.
The group has been spotted this week reviving old email conversation threads and injecting links to malicious files.

Users involved in the previous email exchanges would receive an email spoofed to appear from one of their previous correspondents, but actually coming from Emotet servers.

The email conversation thread would be left intact, but the Emotet gang would insert a URL at the top of the email that would link to an Emotet-infected file, or attach a malicious document to the existing email thread.

TACTIC STOLEN FROM NORTH KOREAN HACKERS

The tactic isn't new. Back in October 2017, Palo Alto Networks reported that a North Korean hacking group was doing the same, inserting malware into old email threads.
...
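A triage heuristic for the pattern described in the article above, as an added example that is not part of the original post or the quoted article. It flags a reply whose display name matches a known correspondent but whose address does not, and a URL or attachment placed above the quoted thread. The `known_contacts` map, the quote markers and all sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
# Markers for the start of quoted history (common mail-client conventions, assumed).
QUOTE_RE = re.compile(r"^(>|On .+ wrote:|-----Original Message-----)", re.I)

def new_text(body):
    """Return only the text above the quoted thread history."""
    top = []
    for line in body.splitlines():
        if QUOTE_RE.match(line.strip()):
            break
        top.append(line)
    return "\n".join(top)

def hijack_signals(raw, known_contacts):
    """known_contacts: lower-cased display name -> address seen in earlier mail."""
    msg = message_from_string(raw, policy=policy.default)
    name, addr = parseaddr(str(msg.get("From", "")))
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    is_reply = bool(msg.get("In-Reply-To") or msg.get("References"))
    expected = known_contacts.get(name.strip().lower())
    spoofed = bool(expected) and expected.lower() != addr.lower()
    signals = []
    if spoofed:
        signals.append("known display name, unfamiliar address")
    if is_reply and URL_RE.search(new_text(body)):
        signals.append("new URL above quoted thread")
    if is_reply and spoofed and next(msg.iter_attachments(), None) is not None:
        signals.append("attachment on reply from unfamiliar address")
    return signals

# Constructed sample data (not real traffic).
CONTACTS = {"alice example": "alice@partner.example"}
QUOTED = ["", "On Mon, Bob wrote:", "> Thanks Alice, figures are at http://intranet.example/q3"]
HIJACKED = "\n".join([
    'From: "Alice Example" <billing@relay.example.net>',
    "Subject: Re: Q3 invoice", "In-Reply-To: <abc123@corp.example>", "",
    "Please review: http://files.example.org/invoice.doc"] + QUOTED)
LEGIT = "\n".join([
    'From: "Alice Example" <alice@partner.example>',
    "Subject: Re: Q3 invoice", "In-Reply-To: <abc123@corp.example>", "",
    "Sounds good, thanks."] + QUOTED)

if __name__ == "__main__":
    print(hijack_signals(HIJACKED, CONTACTS))
    print(hijack_signals(LEGIT, CONTACTS))
```

A URL that appears only inside the quoted history, as in the legitimate sample, is not flagged; only text added above the quote is inspected.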
 
