  • Emotet malware returns after a three-month hiatus

    The Emotet malware campaign has resumed after a three-month lull. Malicious emails have begun reaching people all over the world.

    Emotet is a well-known malware family distributed via email. It is delivered to the target computer via malicious Microsoft Word and Excel attachments. When users open these documents and enable macros, the Emotet DLL is loaded into memory and then silently waits for instructions from a remote C2 server.

    Eventually, the malware starts stealing victims' emails and contacts for use in future Emotet campaigns or downloading additional payloads such as Cobalt Strike or other malware.

    Although Emotet was considered one of the most prevalent malware families in the past, its campaigns have been slowly fading. The last spam operation was observed in November 2022.

    Cybersecurity company Cofense and the Cryptolaemus group have warned that the Emotet botnet has resumed sending emails.

    In the current campaign, the attackers use emails purporting to contain tax records. ZIP archives attached to emails are 500 megabytes or more in size. These are bloated Word documents, artificially inflated in size to make them harder for antivirus solutions to scan. The docs use Emotet's "Red Dawn" template, prompting users to enable content so that the file "displays properly".

    These malicious documents contain a large number of different macros that download the Emotet loader as a DLL from malicious sites, many of which are hacked WordPress blogs.

    Once downloaded, Emotet is saved to a randomly named folder under %LocalAppData% and launched using regsvr32.exe. Once launched, the malware runs in the background, waiting for commands that will likely install additional payloads on the computer. These attacks typically result in data theft and full-scale ransomware attacks.
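
A detection sketch for the launch behaviour described above, as an added example that is not part of the original article: it scans process-creation events for regsvr32.exe registering a module one folder below %LocalAppData%. The Sysmon-style field names (Image, CommandLine), the sample events and all folder and file names are constructed assumptions.

```python
import re
import shlex
from pathlib import PureWindowsPath

# Constructed process-creation events (Sysmon Event ID 1 style fields); not real telemetry.
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "CommandLine": r'C:\Windows\System32\regsvr32.exe /s '
                    r'"C:\Users\alice\AppData\Local\QxLmVtRzopw\kdJwYb.dll"'},
    {"Image": r"C:\Windows\SysWOW64\REGSVR32.EXE",   # case varies between log sources
     "CommandLine": r"regsvr32 %LocalAppData%\Hbnzqk\pl.dll"},
    {"Image": r"C:\Windows\System32\regsvr32.exe",   # benign: module lives in Program Files
     "CommandLine": r'regsvr32.exe /s "C:\Program Files\Vendor\codec.ax"'},
    {"Image": r"C:\Windows\System32\notepad.exe",    # AppData path, but not regsvr32
     "CommandLine": r"notepad.exe C:\Users\alice\AppData\Local\notes\todo.txt"},
]

# Matches <...>\AppData\Local\<folder>\<file> or an unexpanded %LocalAppData%\<folder>\<file>.
# Exactly one folder level, mirroring "a randomly named folder in %LocalAppData%".
LOCAL_APPDATA = re.compile(
    r"(?:^%localappdata%|\\appdata\\local)\\(?P<folder>[^\\]+)\\(?P<file>[^\\]+)$",
    re.IGNORECASE)

def regsvr32_target(event):
    """Return the module path passed to regsvr32.exe, or None for other processes."""
    if PureWindowsPath(event["Image"]).name.lower() != "regsvr32.exe":
        return None
    try:
        # posix=False keeps backslashes literal and leaves the quotes on each token.
        tokens = shlex.split(event["CommandLine"], posix=False)
    except ValueError:                       # unbalanced quote in a truncated log line
        tokens = event["CommandLine"].split()
    # Drop the executable itself and switches such as /s, /u, /i:... or -s.
    paths = [t.strip('"') for t in tokens[1:] if not t.startswith(("/", "-"))]
    return paths[-1] if paths else None

def flag_event(event):
    """Return (folder, file) when regsvr32.exe loads a module from under %LocalAppData%."""
    target = regsvr32_target(event)
    match = LOCAL_APPDATA.search(target) if target else None
    return (match.group("folder"), match.group("file")) if match else None

def hunt(events):
    """Return the (folder, file) pairs of every flagged event, in input order."""
    return [hit for hit in map(flag_event, events) if hit]

if __name__ == "__main__":
    for folder, name in hunt(SAMPLE_EVENTS):
        print(f"regsvr32.exe loaded {name} from %LocalAppData%\\{folder}")
```

Legitimate software occasionally registers modules from per-user folders, so hits from a rule like this are leads to triage, not verdicts.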

    Cofense specialists said that they have not yet seen any additional payloads in this particular campaign. The malware simply collects data for future spam campaigns.

    To avoid taking the scammers' bait, it is enough simply not to run Microsoft Office files and other documents of dubious origin. This will most likely protect your data, time and nerves, preventing attackers from doing what they intended.

    Author DeepWeb