IT, New Media & Software

Monday, 04 March 2019 09:18

Malicious Emotet trojan doing the rounds

Written by 

If you haven’t heard of it yet, then be on the lookout for this malevolent trojan currently doing the rounds.  Emotet is reported to dwarf the impact of WannaCry and NotPetya which made headlines in 2018 for multimillion dollar losses incurred to businesses across the globe, not to mention massive business interruption and reputational hits.

This is according to Linda Morris of Smart Technology Centre (STC), a leading internet service provider (ISP) and IT technology partner, who says it was initially intended as a banking trojan.  “Emotet is constantly evolving to gain access to unsuspecting victims’ computer systems,” she adds.

What does it look like?

Often disguised as a financial-related file, it is spread through spam e-mails and will arrive in your inbox containing familiar branding and malicious script, a malicious link or a macro-enabled document file that could look like a word or an excel document. 

What does it do?

If you click on the attachment or the link, the code downloads and installs the malware on the host system, from where it contacts its port of call to deliver the payload that it was intended for. 

What makes Emotet scary, is that it could launch a host of attacks ranging from ransomware and banking trojans, through to stealing banking and sensitive information; in addition to raiding your contact list.  It perpetuates the vicious cycle by sending your contacts infected e-mails from your e-mail address, adding a guise of legitimacy to unsuspecting victims.  

Unique Emotet characteristics?

Emotet employs polymorphic evasion tactics to fly under the radar of anti-malware products.  It literally changes itself every time it is downloaded, which makes it hard for signature-based cyber security systems to detect it.  It’s worm-like capabilities also means that it can spread through a network of connected computers. 

How do I prevent an Emotet attack?

“In our hyperconnected world where we are dependent on technology for virtually every aspect of our business and lifestyle transacting, no business is safe unless security and protocols are a top priority.  In terms of the human element, do not open any strange links or attachments, especially if you are not expecting it, no matter how legitimate the e-mail may appear to be.  If you feel uneasy, pick up a phone and check with the person whether they sent anything to you. 

“Make sure that security protection is deployed and up to date and that your IT partner runs regular checks.  Smart Technology Centre recommends the Sophos product set, one of the best in class internet security solutions according to Gartner, which incorporates artificial intelligence to proactively block malicious viruses, malware, exploits and ransomware attacks,” concludes Linda.

About Pressportal

MyPressportal is geared towards the South African Market only. A press release can have a huge impact on the marketing of your company, as many journalist use press releases to communicate new happenings from all types of companies and NGO's. MyPressportal is FREE. We do not plan not to make this a paid service. If you would like to know more about the system, please read the FAQ.