In the past few weeks, the prolific malspam botnet Emotet has made a resurgence after a months-long hiatus. Emotet primarily serves as a loader for other malware, and has been known to usually deliver Trickbot. Today, Emotet dropped Qakbot, which is fairly uncommon compared to the normal Trickbot distributions. Binary Defense analysts tracking Qakbot observed distribution via direct email stop approximately four weeks ago, which indicates that the Qakbot operators may be experimenting with a new model of distribution by paying for installs on Emotet bots.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security