Emotet reborn thanks to Trickbot and Portugal is among the most affected countries – Internet
Earlier in the year, an international operation carried out by customs authorities killed the malware Emotet. However, ten months later, the malicious software appears to have been reborn thanks to Trickbot, advances a new investigation by Check Point Research.
Researchers warn of ransomware methods after they have found Emotet users quickly spreading via Trickbot. It is estimated that in just 10 months about 140,000 victims, including associations and belonging to 149 countries, have been affected by the Trickbot, especially in the United States and Portugal.
Click on images for more details.
In addition to the United States and Portugal, which represent a third of all Trickbot targets, countries like India, Brazil, Turkey, Russia and China stand out. According to the data, the previous high-profile industries killed more than 50% of all.
The investigation reveals that on November 15, 2021, Trickbot-infected machines spread Emotet users, prompting how they kill to download password-protected .zip files containing malicious documents. The type of operations carried out by the malware have also been updated to include new features.
According to experts, Emotet is a strong predictor of ransomware futures, as the malware offers attacking groups a gateway to compromised machines, which can be rented out to other hackers to be used in their own purposes.
“In just two weeks, Emotet has become the seventh most popular malware,” explains Lotem Finkelstein, Head of Threat Intelligence at Check Point Software, referencing the latest malicious software classification company’s most wanted.
“Emotet is our best indicator for ransomware advances. We should treat as Emotet and Trickbot infections as if made ransomware. Otherwise, it’s only a matter of time before we have to deal with a real ransomware attack”, emphasizes the responsible.