The New Zealand Government’s Computer Emergency Response Team (CERT) issued a warning statement about Trojan malware spread, which targets banking systems – Emotet. This malware reportedly is making its way into computers using emails.
Emotet has become a global threat because it was initially designed to be a trojan horse aimed at stealing financial data but has gradually mutated into being used as a delivery agent for ransomware. It also uses various techniques to avoid detection. CERT-NZ said that it was aware of increased Emotet activity among New Zealand organizations.
According to the CERT report, Emotet is most likely to hit computers that run MS-Windows. The agency elaborated that the malware enters the system via email attachments, which are usually disguised to look like real documents. The virus is designed to obtain the security credentials of the system that it is affecting. This information is transferred to spambots, which send more infected emails and keep the chain running.
Emotet is also able to play the function of dropping other malwares into the host system. Data-extraction viruses like Trickbot and QBot can be infused using Emotet. The CERT report said, “(Trickbot and QBot) may be used to provide access to attackers who carry out network compromise and data exfiltration, and often install ransomware such as Ryuk, Maze, Conti, or ProLock throughout a network.”
The CERT report mentions how users can know if they have been affected by Emotet and methods to prevent the virus attack in the first place. Some of these methods include fundamental precautions like ensuring that the antivirus is up and running and disabling Macros within MS-Office. The report also coaches users on how to deal with an Emotet attack.