The cybersecurity researcher bl4ckh0l3z: It steals a lot of info. The malware is part of the ongoing Domestic Kitten internal operation.
Cryptolaemus cyber security experts found new Emotet Epoch 3 URLs. The continuous evolution of the worldwide malware campaign confirms that it will continue
Cryptolaemus cyber security experts found new Epoch 3 URLs. Cybercriminals use them to spread Emotet worldwide via malicious attachments or links. The lure, an Office document, redirects potential victims to the three botnets (Epoch 1, 2, 3), which download the malicious payload onto the user's computer. The botnets are continuously updated by criminal hackers and exploit real stolen conversations. Furthermore, they sometimes feature a password-protected .zip archive, with the password provided within the message. This is an attempt to evade inbound mail filtering by anti-spam and anti-virus products, on the principle that they cannot analyze protected content. The latest evolution of the campaign confirms that its actors still consider this approach valid. Consequently, the campaign will continue in the next few days, albeit in different ways.
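A mail gateway that cannot open a protected archive can still see that it is protected. The Python sketch below is an added example, not code from the original article or from Cryptolaemus: it flags messages carrying a ZIP with encrypted entries and notes whether the body appears to supply the password. The function names, the password regex and the sample message are constructed assumptions.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ENCRYPTED = 0x1  # ZIP general-purpose flag bit 0: entry is encrypted
# Assumed heuristic: a password announced in the body as "password: <value>"
PASSWORD_HINT = re.compile(r"(?i)\bpass(?:word|code)?\b\s*[:=]\s*\S+")

def encrypted_zip_members(data: bytes) -> list:
    """Names of encrypted entries; the central directory lists them without the password."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED]
    except zipfile.BadZipFile:
        return []  # not a ZIP, or too damaged to list

def triage(raw: bytes) -> list:
    """One finding per attachment that contains content the scanner cannot open."""
    msg = message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    hint = bool(PASSWORD_HINT.search(text))
    findings = []
    for part in msg.iter_attachments():
        locked = encrypted_zip_members(part.get_payload(decode=True) or b"")
        if locked:
            findings.append({"attachment": part.get_filename(),
                             "encrypted_members": locked,
                             "password_in_body": hint})
    return findings

def build_sample() -> bytes:
    """Constructed test message: ZIP entry marked encrypted, password in the body."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.doc", b"placeholder")
    z = bytearray(buf.getvalue())
    for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
        z[z.find(sig) + off] |= ENCRYPTED  # flag field of local and central headers
    msg = EmailMessage()
    msg["Subject"] = "Re: invoice"
    msg.set_content("Please see attached. Password: 7731")
    msg.add_attachment(bytes(z), maintype="application", subtype="zip",
                       filename="invoice.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample()))
```

A finding with `password_in_body` set is a reasonable trigger for quarantine or sandbox detonation, since the content could not be inspected at delivery time.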