Tuesday, October 27, 2020

CISA Warns of Emotet Malware Attacks Targeting Government Entities

CISA has observed a significant increase in attacks using Emotet, malware that steals login credentials from various browsers, email clients, and applications.

The malware was first observed in mid-2014 as a banking Trojan. It is one of the most notorious email-based malware families and offers several botnet-driven spam campaigns and ransomware attacks as a service.

Earlier this year, authorities in France, Japan, and New Zealand observed a sudden spike in Emotet infections targeting several companies and administrations.

CISA Alert

CISA released an alert stating that Emotet attacks resurged in July 2020 and that it has seen a “significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails.”

Emotet is an advanced trojan distributed via phishing email attachments. Once the attachment is clicked, it penetrates the network by brute-forcing user credentials and writing to shared drives.

Its worm-like capabilities enable network-wide infections, and it uses modular Dynamic Link Libraries to continuously update its capabilities.

“Since July 2020, CISA has seen increased activity involving Emotet-associated indicators. During that time, CISA’s EINSTEIN Intrusion Detection System, which protects federal, civilian executive branch networks, has detected roughly 16,000 alerts related to Emotet activity.”

In the campaigns, Emotet used malicious Word documents attached to phishing emails as the initial insertion vector, and communication with the C&C server was handled via HTTP POST requests.

Communication with the C&C server occurs mostly over ports 80, 8080, 443, and in some cases over port 445. CISA warned users to stay safe, as this notorious malware may strike at any time.
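As a triage aid for the traffic pattern described above, the following added example (not code from CISA or from the original article) counts outbound HTTP POSTs from internal hosts to external addresses on the four listed ports. The log format, the sample lines, the `internal_nets` default and the `allowlist` parameter are all assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Ports the article lists for Emotet C&C traffic.
C2_PORTS = {80, 8080, 443, 445}

# Constructed sample lines in an assumed format:
# "<time> <src_ip> <method> <dst_ip> <dst_port>"
SAMPLE_LOG = """\
2020-10-27T09:00:01 10.0.4.17 POST 203.0.113.50 8080
2020-10-27T09:00:31 10.0.4.17 POST 203.0.113.50 8080
2020-10-27T09:01:02 10.0.4.17 POST 198.51.100.7 445
2020-10-27T09:01:10 10.0.4.22 GET 203.0.113.50 8080
2020-10-27T09:01:15 10.0.4.22 POST 192.0.2.10 443
2020-10-27T09:02:00 10.0.4.30 POST 10.0.9.5 8080
2020-10-27T09:02:05 10.0.4.30 POST 203.0.113.99 9001
malformed line
"""

def is_internal(ip, internal_nets):
    """True if ip falls inside any of the given CIDR ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(n) for n in internal_nets)

def find_candidates(log_text, internal_nets=("10.0.0.0/8",), allowlist=()):
    """Count POSTs from internal hosts to external IPs on C2_PORTS.

    Returns {(src, dst, port): count}. allowlist (hypothetical parameter)
    holds destination IPs already known to be legitimate.
    """
    hits = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records
        _, src, method, dst, port = parts
        try:
            port = int(port)
            # Only internal -> external flows are of interest here.
            if not is_internal(src, internal_nets) or is_internal(dst, internal_nets):
                continue
        except ValueError:
            continue  # unparsable port or address
        if method == "POST" and port in C2_PORTS and dst not in allowlist:
            hits[(src, dst, port)] += 1
    return dict(hits)
```

Ports 80 and 443 carry most legitimate web traffic, so the result is a list of flows to review against known-good destinations, not a verdict.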
