skip to Main Content

Cybercrime, Emotet attacks with mail without the attachments

The cyber security expert JAMESWT: New cybercrime campaign to convey Emotet in Italy. The mail-trap, which exploits previously stolen conversations, has no attachments but a link that refers to an alleged Office document

New cybercrime campaign to spread Emotet in Italy with email withohout the attachment. It has been discovered by cyber security researcher JAMESWT. It exploits previous stolen real conversations, but the messages  do not contain an attachment. Instead, there is a link that directs the potential victim to a malicious Office file from which the malware infection chain begins. The latest attempts, on the other hand, featured a password-protected .zip archive (provided within the message). This is because cyber criminals tried to evade the entry control of mail by Anti Spam and Anti Virus, according to the principle that they cannot analyze protected content. The umpteenth evolution of the campaign confirms that this is still considered valid by its actors. Consequently, in the next few days it will continue, albeit in different ways.

The email that exploits previous stolen real conversations

The malicious Word document

The links from which the malware is downloaded

 

 

Back To Top