just a word doc.....

Emotet, the “banking Trojan”, has been around since about 2014 but is still hitting companies cold. The malware is hugely misunderstood, mostly because so many publications describe it as a so-called banking Trojan. It’s much, much more…

Yes, its primary intent is to obtain financial information by injecting code into the network stack of an infected Windows computer, allowing sensitive data to be stolen as it is transmitted. However, Emotet also inserts itself into software modules, which are then able to steal address book data and perform DoS attacks on other systems. It also functions as a downloader or dropper of other Trojans.

Its delivery is most prominently via email, using malicious attachments such as Word, Excel or PDF files masquerading as invoices or other interesting documents. URLs (previously) or, now more commonly, JavaScript within those document types are then used to execute the malware on the client machine. Once it’s on your system it intercepts and logs all internet traffic, and banking data (along with anything else the bad guys want) is compiled.
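A static triage check for the attachment types described above, as an added example that is not part of the original post. It also flags VBA macro projects, embedded script files and legacy OLE2 files, which the post does not mention; the function names and the sample files (built in memory) are constructed for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container
PDF_ACTIVE = (b"/JavaScript", b"/JS", b"/OpenAction", b"/Launch")
SCRIPT_EXTS = (".js", ".jse", ".vbs", ".wsf")


def triage_attachment(data):
    """Return the reasons an attachment holds active content ([] = none found)."""
    reasons = []
    if data.startswith(b"%PDF-"):
        # Byte search only: names inside compressed object streams are missed.
        reasons += ["pdf name " + k.decode() for k in PDF_ACTIVE if k in data]
    elif data.startswith(OLE_MAGIC):
        reasons.append("legacy OLE2 Office container")
    elif data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for member in zf.namelist():
                    lower = member.lower()
                    if lower.endswith("vbaproject.bin"):
                        reasons.append("VBA macro project: " + member)
                    elif lower.endswith(SCRIPT_EXTS):
                        reasons.append("embedded script: " + member)
        except zipfile.BadZipFile:
            reasons.append("malformed ZIP/OOXML container")
    return reasons


def _make_zip(members):
    """Build a constructed OOXML-style archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for path, body in members.items():
            zf.writestr(path, body)
    return buf.getvalue()


# Constructed samples, not real malware.
SAMPLES = {
    "invoice.docm": _make_zip({"[Content_Types].xml": "<Types/>", "word/vbaProject.bin": b"\x00"}),
    "report.docx": _make_zip({"[Content_Types].xml": "<Types/>", "word/document.xml": "<w:document/>"}),
    "invoice.pdf": b"%PDF-1.7\n1 0 obj << /OpenAction 2 0 R >> endobj\n"
                   b"2 0 obj << /S /JavaScript /JS (placeholder) >> endobj\n",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, triage_attachment(blob) or "no active content found")
```

A hit is a reason to quarantine or sandbox the attachment at the mail gateway, not a verdict that it is Emotet.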

It’s also a worm-like nightmare. Basically, once it’s inside your network, it will find its way elsewhere, propagating around its new home and becoming a sysadmin’s weekend breaker.

How to stop it?
