After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees.
In early October, Emotet activity dropped off the radar, only to come back towards the end of the month with a new plugin that exfiltrates email subjects and 16KB of the bodies.
The new functionality could be used to create better phishing templates, which seems to be the case with the latest campaigns.
Email-stealing module paying off
Provider of phishing defense solutions Cofense, formerly PhishMe, noticed new Emotet-related activity on November 13. The malware piece came via elaborate phishing messages that spoofed "a known and trusted organization."
...
...
Emotet is not the final payload
..
...
Emotet's Thanksgiving lure
Emotet has been part of another campaign that started on November 19 and delivered over 27,000 emails in less than ten hours, between 07:30 and 17:00.
...
...