Tag: emotet
-
VB2019 video: Thwarting Emotet email conversation thread hijacking with clustering
Having returned from its summer break, Emotet is once again being used as the first stage of many often prominent and costly malware infections. A detailed analysis of the malware was given in a paper presented at VB2019 by Sophos researcher Luca Nagy. But Emotet isn’t just a very clever piece of malware. It also…
-
Emotet continues to bypass many email security products
Emails with a malicious link or attachment form only a small minority of the spam that is sent every day. If it appears that such emails are more common than that, it is not just because such emails are potentially more damaging: we have repeatedly seen that they are far more likely to bypass email…
-
VB2019 papers: Emotet and Ryuk
Targeted ransomware has become one of the biggest and most damaging cybercrime trends in recent years. ‘Targeted’ is a bit of a misnomer though: the operators of the ransomware rarely choose the victim organisations. Instead, they have the organisations ‘chosen’ through an infection with another piece of malware that is then used as a foothold…
-
New Emotet spam campaign continues to bypass email security products
Following the resumption of activity by Emotet’s C&C servers in August, it was only a matter of time before the botnet started sending out spam again. This did indeed happen on Monday morning. Many, though not all, of the emails Emotet sent out this week used a trick that the malware has used before:…
-
VB2019 preview: Exploring Emotet, an elaborate everyday enigma
Active since 2014, initially as a banking trojan, Emotet has been a plague on the Internet in recent years. Emotet’s core strength is its ability to download other malware, thus giving those in control of it remote code execution on infected systems and networks. Emotet has been the initial infection in many high-profile attacks, in…
-
The malspam security products miss: Emotet, Ursnif, and a spammer’s blunder
This blog post was put together in collaboration with VB test engineers Adrian Luca and Ionuţ Răileanu. Virus Bulletin uses email feeds provided by Abusix and Project Honey Pot. In our VBSpam test lab, we continue to receive spam from around the world, including a fair number of emails carrying malware, or with…
-
The malspam security products miss: banking and email phishing, Emotet and Bushaloader
This blog post was put together in collaboration with VB test engineers Adrian Luca and Ionuţ Răileanu. Virus Bulletin uses email feeds provided by Abusix and Project Honey Pot. This year, Virus Bulletin’s VBSpam test lab turns ten years old. Just as malicious and unwanted emails have evolved over the years, so has…
-
From Amazon to Emotet: a look at those phishing and malware emails that bypassed email security products
This blog post was put together in collaboration with VB test engineers Adrian Luca and Ionuţ Răileanu. On this blog, we regularly look at those phishing and malware emails that we notice bypassing email security products in our test lab – something which they do at a much higher rate than ordinary spam emails. This…