US cybersecurity researchers recently warned about deadly email malware that could target military and government systems. The malware was suspected to be Emotet, which is very often used as an initial attack vector to provide access for ransomware and TrickBot.
Emotet retained a top position on threat charts for three months. Its primary attack vector was spam email campaigns containing a Microsoft Word document or a suspicious link. Its emails have covered subject matter as diverse as ‘Christmas Party’ and ‘Greta Thunberg’. Opening the document or clicking the link would download Emotet onto the system. At this point, the malware would try to spread itself by gathering email contacts and continuing the spam cycle. The malware could also examine regular contacts and even reply to ongoing email threads, making it difficult to recognise as a serious threat.
The malware ranked next to Emotet is XMRig, which topped the ‘most wanted’ chart of Check Point Research in December 2019. The software was open-source, and it hijacked CPU resources to mine Monero. In several ways, XMRig was quite impressive, and it had been ‘in the wild’ since May 2017.
Over the preceding few months, Emotet successfully managed to compromise more than one target in the US government, which increased the number of infected emails targeting addresses in top-level domains like .mil and .gov in December 2019. The trend seemed to continue in January 2020. The malware could also imitate email language. For example, an email was delivered that targeted a staff member of US Senator Cory Booker. The infected email contained signatures signifying that someone else had started it using the booker.senate.gov tag.