The Emotet virus, considered the most dangerous ever created, is back after 4 months of absence. We explain what you need to know about this malware.
After appearing to be gone for almost four months, Emotet is back. First seen in 2014 as a simple Trojan horse, it quickly evolved into a dangerous virus capable of installing other malware on already infected PCs.
In 2020, this malware was able to infiltrate the Quebec Ministry of Justice. It then multiplied attacks aimed at the French, Japanese and New Zealand governments. After several months of absence, Emotet is back in 2023.
What is a Trojan horse (in computing)?
A Trojan horse is a type of malicious code or software that may seem legitimate at first glance but takes control of the computer. Its name comes from the method the Greeks used to conquer the city of Troy: hiding inside a wooden horse.
In 2014, a study by the Association of Internet Security Professionals, focusing on the dangers of illegal live streaming, revealed that one in three computers was infected with malware and that 73% of these infections came from a Trojan horse.
On September 16, 2019, after further research, analysts discovered that Emotet had resumed its activity. On Twitter, Spamhaus researchers announced that they had identified a phishing campaign orchestrated by Emotet.
How does Emotet infiltrate our devices?
Emotet's technique is very simple and yet very devastating. It consists of sending malicious e-mails under the name of a well-known sender, while addressing the recipient by name. As a result, the virus tricks victims into clicking on links, which activates certain commands.
To evade security systems, Emotet has developed its own method: it attaches a Word document padded with a lot of superfluous data, such as a lot of figures.
The file must also weigh more than 500 MB, a size sufficient to slip through security scans. When the user opens the file, the Word document displays a banner saying that the content is not accessible unless the “Enable Content” button is clicked.
Clicking this button overrides Word’s default setting, which activates the virus.
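A defender-side triage check for the padded-attachment trick described above, as an added example that is not part of the original article. It reads the file in chunks, so a large size is never a reason to skip the scan. The function names, the legacy `.doc` signature check, the filler made of `0` characters and the 5% / 90% thresholds are assumptions chosen for illustration.

```python
import os
import tempfile
import zlib

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # signature of legacy .doc (OLE2) files
SIZE_LIMIT = 500 * 1024 * 1024                 # the 500 MB figure quoted in the article
CHUNK = 1024 * 1024

def padding_ratio(path, chunk=CHUNK):
    """Share of fixed-size chunks that shrink below 5% when compressed (filler)."""
    padded = total = 0
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            total += 1
            padded += len(zlib.compress(block, 1)) < 0.05 * len(block)
    return padded / total if total else 0.0

def triage(path, size_limit=SIZE_LIMIT, chunk=CHUNK):
    """Return the reasons (possibly none) to quarantine a Word attachment."""
    with open(path, "rb") as fh:
        is_ole = fh.read(len(OLE_MAGIC)) == OLE_MAGIC
    reasons = []
    if is_ole and os.path.getsize(path) > size_limit:
        reasons.append("oversized")
    if is_ole and padding_ratio(path, chunk) > 0.9:
        reasons.append("mostly filler")
    return reasons

def build_sample(filler_chunks, chunk=CHUNK, body_chunks=1):
    """Constructed sample: OLE signature, random 'content', then runs of '0'."""
    fd, path = tempfile.mkstemp(suffix=".doc")
    with os.fdopen(fd, "wb") as fh:
        fh.write(OLE_MAGIC + os.urandom(body_chunks * chunk - len(OLE_MAGIC)))
        fh.write(b"0" * (filler_chunks * chunk))
    return path

if __name__ == "__main__":
    # Scaled down so the demo stays small: 64 KiB chunks and a 1 MiB size limit.
    for name, filler in (("padded", 19), ("clean", 0)):
        sample = build_sample(filler, chunk=64 * 1024)
        print(name, triage(sample, size_limit=1024 * 1024, chunk=64 * 1024))
        os.remove(sample)
```

In a mail gateway, the same two signals can route an attachment to quarantine or to deeper inspection.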
What consequences?
Once the machine is infected, Emotet will have access to all your passwords and other sensitive data. In addition, the virus can even hijack email conversations, using them to send spam to your contacts in order to trap them too. That’s what makes it the virus considered the most dangerous on the internet.
At present, according to the researchers who detected its return, the booby-trapped emails mainly target German, American, British, Italian and Polish Internet users. Previously, Emotet was known to target business and government networks.
Even if you do not belong to these categories, remain vigilant about the emails you receive. Always review them carefully and never click on any suspicious attachment.