Emotet Makes Another Comeback with New Tactics, Techniques and Procedures



Emotet Makes ComebackNew analysis of Q3 shows Emotet attacks on the rise, complete with new methods and features that have impacted governments and enterprise businesses alike.

The banking trojan, Emotet, has been around since 2019, but seems to be the cat with nine lives, as it continues to evolve and repeatedly show itself after quiet periods. According to Recorded Future’s Cyber Threat Analysis report for Q3 of 2020, campaigns involving the trojan demonstrate it’s been undergoing modifications to make it more successful in infecting systems:

  • The replacement of TrickBot with QakBot as a final payload
  • A 1,000 percent increase in Emotet downloads, correlating with Emotet’s packer change, which causes the Emotet loader to have a lower detection rate across anti-virus software
  • Operators using new Word document templates
  • Operators using password protected archives containing malicious macros to bypass detections

Recorded Future’s analysts believe the Emotet will “continue to employ major pauses, we believe it is highly likely that Emotet will continue to be a major threat and impact organizations across a variety of industries throughout the end of the year and into 2021.”

We’ve seen Emotet involved in attacks on government agencies, and been employed in a malware-as-a-service model. The changes made in Q3 indicate it’s authors are paying attention to how it’s being detected and blocked, and are changing tactics to stay viable and successful in its goal to infect endpoints.


Request A Demo: Security Awareness Training

products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

Save My Spot!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/kmsat-request-a-demo

Subscribe To Our Blog


Ransomware Hostage Rescue Manual




Get the latest about social engineering

Subscribe to CyberheistNews