New strain of Emotet banking Trojan spreading internally like Worm
The infamous banking Trojan Emotet have begun to surface in internet that has the ability to internally propagate and using brute-force attack technique.
The Trojan strain was reported by Fidelis Cyber security blog post that suggested that this new strain may have been inspired by the Wannacry and NotPetaya malware that had worm like capabilities so that it may spread rapidly through networks.
" It stands to reason that crime ware authors have taken note of the broad impact observed in these particular events and are looking to incorporate spreader components in their toolkits," the post reads. " The Wannacry and Petya campaigns have clearly demonstrated how inclusion of other techniques like credential dumpers (Mimikatz) and exploits (EternalBlue) can greatly accelerate propagation across enterprises."
Fidelis researchers found out that some versions became wormable over a month ago. The researchers found out a self-extracting RAR file containing two files. The Emotet variant was not wrapped in a traditional way like other worms, but the researchers theorize that the whole package may not be a direct component of Emotet but only a part of the Emotet that disguises itself as a Trojan malware.
Comments ( 0 )
No comments available