• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   EMOTET

URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader
  • Posted on:December 18, 2018 at 4:51 am
  • Posted in:Botnets, Malware
  • Author:
    Trend Micro
0

We analyzed samples of EMOTET, URSNIF, DRIDEX and BitPaymer and found similar payload loaders and internal data structures, possibly implying that these different groups are familiar with and are working closely together.

Read More
Tags: BitPaymerDRIDEXEMOTETURSNIF

Exploring Emotet: Examining Emotet’s Activities, Infrastructure
  • Posted on:November 16, 2018 at 4:43 am
  • Posted in:Botnets, Malware, Spam
  • Author:
    Trend Micro
0

Discovered by Trend Micro in 2014, the banking Trojan Emotet has been brought back to life by malware authors last year with its own spamming module that has allowed it to spread, target new industries and regions, and evade sandbox and malware analysis techniques. This year, we examined Emotet’s activities to learn more about how this modular malware wreaks havoc: We did a comprehensive research on Emotet’s artifacts — 8,528 unique URLs, 5,849 document droppers, and 571 executables collected between June 1, 2018 and September 15, 2018 — to discover Emotet’s infrastructure as well as possible attribution information.

Read More
Tags: EMOTET

New EMOTET Hijacks a Windows API, Evades Sandbox and Analysis
  • Posted on:November 15, 2017 at 6:43 am
  • Posted in:Malware
  • Author:
    Rubio Wu (Threats Analyst)
0

We discussed the re-emergence of banking malware EMOTET in September and how it has adopted a wider scope since it wasn’t picky about the industries it attacks. We recently discovered that EMOTET has a new iteration (detected as TSPY_EMOTET.SMD10) with a few changes in its usual behavior and new routines that allow it to elude…

Read More
Tags: EMOTETsandbox evasionWindows API

EMOTET Returns, Starts Spreading via Spam Botnet
  • Posted on:September 7, 2017 at 9:10 am
  • Posted in:Botnets, Malware
  • Author:
    Don Ladores (Threat Response Engineer)
0

We first detected the banking malware EMOTET back in 2014, we looked into the banking malware’s routines and behaviors and took note of its information stealing abilities via network sniffing. After a period of relative inactivity, it appears it’s making a comeback with increased activity from new variants that have the potential to unleash different types of payloads in the affected system.

Read More
Tags: botnetEMOTETMalwareTrojan

Recent Spam Runs in Germany Show How Threats Intend to Stay in the Game
  • Posted on:December 29, 2016 at 11:20 pm
  • Posted in:Malware, Ransomware, Spam
  • Author:
    Trend Micro
0

In early December, GoldenEye ransomware  (detected by Trend Micro as RANSOM_GOLDENEYE.A) was observed targeting German-speaking users—particularly those belonging to the human resource department. GoldenEye, a relabeled version of the Petya (RANSOM_PETYA) and Mischa (RANSOM_MISCHA) ransomware combo, not only kept to the James Bond theme of its earlier iteration, but also its attack vector.

Given ransomware’s likely outlook to reach a plateau, persistence in the threat landscape and diversification of target victims are the names of the game. GoldenEye exemplifies bad guys trying to gain scale, leverage, and profit with rehashed malware.

Read More
Tags: CERBERDRIDEXEMOTETGoldenEyeMischapetyaSharikZBOT
Page 1 of 212

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • New Magecart Attack Delivered Through Compromised Advertising Supply Chain
  • Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users
  • January Patch Tuesday: First Bulletin of 2019 has Fixes for DHCP and Microsoft Exchange Vulnerabilities
  • Machine-to-Machine (M2M) Technology Design Issues and Implementation Vulnerabilities
  • Google Play Apps Drop Anubis Banking Malware, Use Motion-based Evasion Tactics

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.