The Emotet Trojan is taking advantage of the Halloween season by pushing out new spam templates that invite victims to a Halloween party. For those who are not familiar with Emotet, it is a malware that is spread through spam emails that contain malicious documents. These documents install the Emotet Trojan on the victim’s computer. After a successful infection, Emotet installs other malware and uses the victim’s computer to send out additional spam. Other malware that has typically been delivered by Emotet, as observed by Binary Defense analysts, includes the Trickbot malware that targets online banking users to steal money and the Ryuk ransomware that encrypts files and demands a ransom payment. To take advantage of Halloween, the Emotet authors have changed the email template that gives the recipient an invitation to click a button on the top of the email that states “Enable Content” so that they can view the hidden portions of the invitation. If a victim clicks that button, then the Trojan installs itself onto the victim’s system.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased