Emotet, the highly prolific and sophisticated botnet, has recently started using email templates posing as a Kyoto Coronavirus notification. The templates are used to send malicious email messages from infected computers to spread the botnet. The email messages contain malware in attached or linked Microsoft Office files. When recipients open files containing the malware and enable content in a malicious document file, Emotet infects the computer and uses that access to install more malware. While the template is entirely in Japanese, the template asks the user to view a notification relating to the Coronavirus. Additionally, the email contains information relating to the Coronavirus and symptom identification in order to lend credence to the “notification.” As the situation develops, Binary Defense will keep an eye out for any English coronavirus templates.
Binary Defense was contacted by an individual who was recently scammed out of $4,000 through