Threat Watch

Rise in Emotet Could Lead to More Ransomware

According to malware researchers at HP-Bromium in an October 2020 Threat Insights Report, the number of Emotet detections increased 1200% from July to September. Emotet is distributed through malicious attachments sent over email, and it serves as a loader for other malware, such as Trickbot or Qakbot. The uptick in Emotet infections could lead to a corresponding increase in ransomware, which is the most common end result after threat actors gain access to systems and expand their control over an enterprise domain.

ANALYST NOTES

As Emotet is a malspam-distributing botnet, Binary Defense recommends that organizations use email threat detection and blocking services, and encourage employees to use care when opening documents with macros, especially if the body of the email is something vague such as “See attached for invoice”. Additionally, Binary Defense recommends the use of a 24/7 Security Operations Center, equipped with Endpoint Detection and Response (EDR) and modern Security Information and Event Management (SIEM) tools, using a dedicated team or a trustworthy security provider such as Binary Defense’s Security Operations Task Force.
https://www.zdnet.com/article/spike-in-emotet-activity-could-mean-big-payday-for-ransomware-gangs/