EMOTET

The internet is full of viruses, malware and phishing attacks; it can be a dangerous place for those who don’t know the warning signs of malicious behaviour. In this blog we are going to discuss the EMOTET malware/virus that has been in circulation since around 2014; recently, a few of our clients have reported attempted EMOTET attacks, so we thought this was a good time to remind you to keep safe online!

EMOTET was designed predominantly to silently steal internet banking and other important user credentials. The malware sneaks onto your computer through (usually) harmless applications, after which it is free to monitor and capture any private information it pleases for as long as it remains undetected. From here, EMOTET spreads in any way it can and can even evade some anti-malware products!



How does EMOTET spread?

EMOTET spreads primarily through what we call ‘malspam’; it finds your email contacts and sends them what can look like a routine email in the hope that the recipient opens it and clicks the included document/link/file. Since the emails are being sent from your account, there is a good chance recipients and mail filters alike may treat them as legitimate, which allows for the seamless spreading of EMOTET.



Who does EMOTET target?

EMOTET can target anyone, from individuals and small businesses to government and large corporate entities. As a technology and a malicious tool, it does not discriminate. It has successfully stolen an enormous quantity of passwords, financial information and even Bitcoin wallets!



How prevalent is EMOTET?

The bottom line is that a lot of private companies do not disclose when they have been attacked; not only will it cost them a lot of money to fix, it also would show that they have vulnerabilities in their system and potentially make them a target. We don’t really know how many successful EMOTET attacks there have been… but the cost has very likely been massive.



What can you do to protect from EMOTET?

1.     Educate yourself and your team on how to identify suspicious emails, attachments and links. If you avoid these emails, EMOTET will never have a chance to get a foothold on your computer.

2.     Create strong, unique passwords and use Multi-Factor Authentication (MFA); with MFA, even if an attacker gains access to one of your passwords, they will not be able to log in without access to your MFA token.

3.     Make sure you keep all your computers and software up to date with the latest patches.

4.     Implement an intelligent advanced threat protection solution such as Microsoft Defender/Azure Sentinel. These products will help identify and stop the spread of EMOTET if it does find a way into your network.



What to do if you think you have been infected by EMOTET

Isolate your machine immediately. EMOTET can spread through your local network as well as the internet, so isolating it will (hopefully) stop the spread. However, you should manually check and clear the other computers on the network, as one infected computer can re-infect the whole network. EMOTET does not discriminate and will reinfect all the computers if given a chance.



Conclusion

EMOTET is a very real issue within the cybersecurity world. Making sure that all computers on your network are up to date with the latest operating system, and educating your team to spot malicious email links, are paramount to keeping your business safe.
