CISA Emotet Malware Spike Advisory - Infoblox Commentary
October 2020 by CISA
The Cybersecurity and Infrastructure Security Agency (CISA) put out an alert about the resurgence of Emotet malware and a significant threat to government. If you plan on covering, Infoblox’s VP Anthony James (photograph attached) offers the following perspective:
“Emotet has continued to evolve in an arm’s race of new features and functionality. We’ve seen actors infuse Emotet’s native banking trojan functionality with third-party tools, including Qakbot, Trickbot, and IcedID, that make the malware even more dangerous. From Infoblox’s side, our Cyber Intelligence Unit (CIU) has noted:
• In early 2020, an Emotet email campaign themed around both Christmas and Swedish environmental activist Greta Thunberg. This campaign aimed to lure the email recipients into opening Microsoft Word documents with malicious macros that infected victims with the Emotet information stealer.
• Then in early August, CIU published a research note on The Return of Emotet highlighting the malware’s return spamming targets with almost a quarter-million emails.”