After a ten-month absence, the Emotet malware seems to be back in business, delivering malicious documents around the world through spam campaigns.
In a recent SANS Handler Diary, Brad Duncan, a cybersecurity researcher, described how the Emotet botnet is currently spamming several email campaigns in order to infect devices with the Emotet virus.
As reported by BleepingComputer, the researcher claims that spam operations utilize reply-chain emails to trick recipients into opening infected Word, Excel, and password-protected ZIP files attached to the emails.
Reply-chain phishing emails are phishing emails that use previously stolen email threads and forged replies to spread malware to additional victims.
Excel or Word documents with harmful macros, or a password-protected ZIP file attachment containing a malicious Word document, are included in the malicious emails.
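A mail-gateway triage check for the attachment types described above, as an added example that is not from the original article or the researcher's write-up. The function names, finding strings and the sample message are hypothetical, and the checks are heuristics for flagging mail for review, not a verdict on whether a file is Emotet.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container

def zip_findings(data):
    """Findings for a ZIP container (plain archive or OOXML document)."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
    found = []
    if any(i.flag_bits & 0x1 for i in infos):  # bit 0: entry is encrypted
        found.append("password-protected ZIP (content hidden from scanners)")
    if any(i.filename.lower().endswith("vbaproject.bin") for i in infos):
        found.append("OOXML document with a VBA macro project")
    return found

def triage(raw):
    """Return (is_reply, [(attachment name, finding), ...]) for one message."""
    msg = message_from_bytes(raw, policy=policy.default)
    is_reply = bool(msg["In-Reply-To"] or msg["References"]) or \
        str(msg["Subject"] or "").lower().startswith("re:")
    hits = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name = part.get_filename() or "(unnamed)"
        if data.startswith(OLE_MAGIC):
            hits.append((name, "legacy Office file (may carry macros)"))
        elif zipfile.is_zipfile(io.BytesIO(data)):
            hits += [(name, f) for f in zip_findings(data)]
    return is_reply, hits

def constructed_sample():
    """Constructed reply-style message with a harmless macro-enabled stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/vbaProject.bin", b"placeholder, not real VBA")
    msg = EmailMessage()
    msg["Subject"] = "RE: Invoice question"
    msg["In-Reply-To"] = "<constructed-id@example.invalid>"
    msg.set_content("Please see attached.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="invoice.docm")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(constructed_sample()))
```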
The new Emotet spam operations are presently distributing two separate harmful documents: an Excel document template and a Word attachment.
The Excel document template specifies that the document will only operate on desktops or laptops and that the user must enable content in order to fully read the contents.
The malicious Word attachment uses the ‘Red Dawn’ template and