SMS Attack Spreads Emotet, Steals Bank Credentials

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
Attackers are sending SMS messages purporting to be from victims’ banks – but once they click on the links in the text messages, they are asked to hand over their banking credentials and download a file that infects their systems with the Emotet malware.

Emotet has continued to evolve since its return in September, including a new, dangerous Wi-Fi hack feature disclosed last week that can let the malware spread like a worm. Now, this most recent campaign delivers the malware via “smishing,” a form of phishing that relies on text messages instead of email. While smishing is certainly nothing new, researchers say that the delivery tactic exemplifies Emotet’s operators constantly swapping up their approaches to go beyond mere malspam emails – making it hard for defense teams to keep up.

“Emotet’s operator, the Mealybug gang, has varied its activity levels over time, sometimes going into lengthy lulls and periods of low-volume activity,” said researchers with IBM X-Force in a Wednesday analysis. “Since late 2019, Mealybug has been pushing its activity through various channels, including spam, sextortion emails, SMiShing and ploys like fake Coronavirus warnings that were spread in Japan.”
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top