From thehackernews.com
The notorious Emotet malware, in its return after a short hiatus, is now being distributed via Microsoft OneNote email attachments in an attempt to bypass macro-based security restrictions and compromise systems.
Emotet, linked to a threat actor tracked as Gold Crestwood, Mummy Spider, or TA542, continues to be a potent and resilient threat despite attempts by law enforcement to take it down.
A derivative of the Cridex banking worm – which was subsequently replaced by Dridex around the same time GameOver Zeus was disrupted in 2014 – Emotet has evolved into a “monetized platform for other threat actors to run malicious campaigns on a pay-per-install (PPI) model, allowing theft of sensitive data and ransom extortion.”