Back from vacation: Analyzing Emotet’s activity in 2020


Emotet is one of the most heavily distributed malware families today. Cisco Talos observes large quantities of Emotet emails being sent to individuals and organizations around the world on an almost daily basis. These emails are typically sent automatically by previously infected systems attempting to infect new systems with Emotet to continue growing the size of the botnets associated with this threat. Emotet is often the initial malware that is delivered as part of a multi-stage infection process and is not targeted in nature. Emotet has impacted systems in virtually every country on the planet over the past several years and often leads to high impact security incidents as the network access it provides to adversaries enables further attacks, such as big-game hunting and double-extortion ransomware attacks.

Read more…