After a ten-month hiatus, Emotet returns with multiple spam campaigns delivering malicious documents to mailboxes worldwide. Commonly used by eCrime groups like Wizard Spider, the return of Emotet foreshadows a potential surge in ransomware attacks.
The Emotet infrastructure acts as a primary door opener for computer systems on a global scale. Once access is established, these are sold to other top-level criminal groups to deploy further illicit activities such as data theft and extortion through ransomware. Despite having been taken down in January of 2021, Emotet has once again resurfaced and is back to infecting networks around the world. More importantly, is that the return of Emotet signals a potential surge of ransomware attacks in the coming months.
Download the full report which includes an analysis of the malicious code hidden within a word document.