Written by Tonya Riley
Dec 8, 2021 | CYBERSCOOP
The resurgence of botnet Emotet after a law enforcement takedown earlier this year is getting a boost from fellow crime group TrickBot, researchers at Check Point have found.
Since November, Check Point has identified 113 new Emotet targets in the first week of December, nearly half its infection right before it was taken down.
Emotet attempted to infect 657 new organizations (219 per week) during January 2020. And it was already at 113 new targets in the first week of December 2020. This means that in 3 weeks since its comeback, Emotet already gained 50% of its infection rate before it was taken down.
The samples of the Emotet malware are being delivered via servers that TrickBot infected in mid-November. A number of other researchers have confirmed Emotet’s return and have observed TrickBot distributing the malware.
Emotet received a series of debilitating blows last year at the hands of law enforcement. In January, U.S. and European authorities took control of the botnet’s network of infected computers and arrested several of its operators. Authorities followed that January takedown with an operation to corrupt the malware in April. Emotet essentially disappeared off