One of the most dangerous families of malware ever has returned: the Emotet botnet, which was removed from one million computers earlier this year following intervention by the Dutch and German police. Unfortunately, the botnet has resurfaced and is once again on the rise.
G Data SecurityLab, which specializes in IT security, warns about this. The newly discovered Emotet sample bears several technical similarities to the original malware. A comparison of the source code shows similar structures, according to the security company. However, there are also differences: the network traffic is still encrypted, but unlike the previous Emotet variants, the new variant uses HTTPS with a self-signed certificate.
Emotet is malware that was first discovered in 2014. The malware initially targeted financial institutions. However, Emotet has now evolved and is widely used for industrial espionage, for example.
The specialists at G Data SecurityLab also see that cybercriminals are modifying Emotet at ever shorter intervals to give the malware a new look. As a result, new versions appear more often, and they are more difficult to detect.