Widespread exploitation of vulnerable systems via Emotet malware

Widespread exploitation of vulnerable systems via Emotet malware

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is investigating a widespread malware campaign known as Emotet.

Emotet is a Trojan virus delivered via emails sent with malicious attachments.

Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge.

Email users should always exercise caution before opening emails and attachments.

Information on how to protect yourself and your organisation from this virus is available here.

To report a cyber security incident, visit www.cyber.gov.au/report.

 

How does it work?

Trojan viruses like Emotet appear as normal files, but include hidden information allowing cyber criminals access to and control devices or systems.

Emotet malware is spread when unsuspecting email users click on links or open files containing malicious code.

This campaign uses targeted and untargeted ‘phishing’ emails to spread the virus.

The same advice to protect yourself against malware applies to ransomware.

Do not pay the ransom if affected by ransomware. There is no guarantee that paying the ransom will fix your computer, and it could make you vulnerable to further attacks. Restore your files from backup and seek technical advice.

 

What should I do if I’m targeted?

Protect your systems

The threat is real but there is something you can do about it.

The ACSC’s technical advice for organisations affected by this campaign is available here.

To prevent malware infection, the ACSC recommends Australian critical infrastructure, business and government organisations take the following steps immediately:

  • block macros
  • alert staff to the virus and what to look for
  • maintain firewalls
  • scan your network
  • develop an incident response plan
  • maintain offline backups
  • implement complementary security controls.

Organisations requiring further assistance or advice regarding malware can contact the ACSC by emailing ASD.Assist@defence.gov.au.

 

For individuals

Read our Stay Smart Online advice about Emotet here.

Reporting a cyber security incident: individuals

Individuals can report a cyber security incident to the ACSC via ReportCyber.

 

Full article attribution is made to its original source and author.