Emotet Resurfaces on the Back of TrickBot After Nearly a Year

Researchers observed what looks like the Emotet botnet – the “world’s most dangerous malware” – reborn and distributed by the trojan it used to deliver.

Emotet, one of the most prolific and disruptive botnet malware-delivery systems, appears to be making a comeback after nearly a year of inactivity, researchers have found.

A team of researchers from Cryptolaemus, G DATA and AdvIntel recently observed the TrickBot trojan launching what appears to be a new loader for the notorious malware, they said separately on Twitter and in a blog post.

“We have reason to assume with high confidence that #Emotet is active again and currently distributed via #Trickbot,” G DATA Advanced Analytics posted on its Twitter feed.

“2021-11-14: The ‘#Emotet partner ($) loader’ program appears resorcing [SIC] from existing #TrickBot infections,” AdvIntel CEO Vitali Kremez also confirmed via Twitter. “TrickBot launched what appears to be the newer Emotet loader.”

A blog post from researchers at G DATA has the most detailed information about what went down. It explains that on Sunday at around 9:26 UTC, researchers observed on several TrickBot trackers an attempt

Read More: https://threatpost.com/emotet-resurfaces-trickbot/176362/