Emotet: Malware Trojan and A Trickbot

The Trickbot banking Trojan and the Ryuk Ransomware are two of the more common follow-ons. Emotet first detected the use of malware to steal bank accounts in 2014, but in a year or two it has reinvented itself as a massive downloader and dropper that installs other malware after infecting a PC.

Last month, Emotet successfully penetrated the Quebec Department of Justice and increased its presence in the United States and other parts of the United States. As companies in these areas have become increasingly aggressive in their exposure to EmOTet malware, it has spread to other countries.

Emotet is a banking Trojan that is spread through macro-enabled email attachments that contain links to malicious websites. It primarily acts as a back door for using a remote code execution (RC4) Trojan on a computer or mobile device. Once installed, it sends e-mails to infect other devices, but also exploits a vulnerability in the e-mail system to send an e-mail with a link to a malicious website such as an e-mail address or a web page.

The Trojan is often used to deliver ransomware, but an infection with Emotet will ultimately also see how the banking Trojan is downloaded to other devices such as mobile phones, tablets and other mobile devices. In 2018 and 2019, it was one of the most important malware threats and was embedded in the top 10 of the leading malware threat lists for the United States and Europe in 2018–2019.