Current Kaspersky figures show that around 5.500 Emotet attacks are currently taking place every day. Denis Parinov and Oleg Kupreev, security experts at Kaspersky, comment on the new attack activity as follows.
“We have been following Emotet's activities for a long time. Recently we actually saw new samples of this family 'in the wild', but at the moment we don't expect the attacks to be as massive as they were before the Emotet backers were arrested. We are currently seeing around 5.500 attacks every day. We also see malicious documents that act as downloaders (Microsoft Word documents, document archives, links to such malicious documents). We will closely follow the new activity of Emotet. "
Kaspersky recognizes and tracks Emotet
Kaspersky products detect and block both Trickbot (Trojan-Banker.Win32.Trickster), the botnet used to download the malware, and Emotet (Trojan-Banker.Win32.Emotet).
The BSI has also issued a warning that a new wave of spam is expected with Emotet in its luggage. As soon as Emotet has hijacked a system, it opens ports and usually gets ransomware as reinforcement. In the 2018 to 2021 campaigns, it was mostly Ryuk and Trickbot. While Ryuk works as a classic ransomware with blackmail, TrickBot enslaves the system and lets it mine for digital currency.
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/