|
cryptomaniac_xxx (OP)
|
 |
September 10, 2020, 11:16:39 AM |
|
If you are living in the following countries, be aware that they has issued a very important advisories against the rise of Emotet attack in your country. France - https://www.cert.ssi.gouv.fr/alerte/CERTFR-2020-ALE-019/Japan - https://www.jpcert.or.jp/newsflash/2020090401.htmlNew Zealand - https://www.cert.govt.nz/it-specialists/advisories/emotet-malware-being-spread-via-email/What is Emotet? Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious script, macro-enabled document files, or malicious link. Emotet emails may contain familiar branding designed to look like a legitimate email. Emotet may try to persuade users to click the malicious files by using tempting language about “Your Invoice,” “Payment Details,” or possibly an upcoming shipment from well-known parcel companies.
Who does Emotet target?
Everyone is a target for Emotet. To date, Emotet has hit individuals, companies, and government entities across the United States and Europe, stealing banking logins, financial data, and even Bitcoin wallets.
How does Emotet spread?
The primary distribution method for Emotet is through malspam. Emotet ransacks your contacts list and sends itself to your friends, family, coworkers and clients. Since these emails are coming from your hijacked email account, the emails look less like spam and the recipients, feeling safe, are more inclined to click bad URLs and download infected files.
https://www.malwarebytes.com/emotet/So everyone is vulnerable, specially the spread is through emails, so don't click any suspicious links specially the attachments, like zip files and so called Microsoft updates as you might fall for this malwares and steal your crypto wallets credentials. |
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
Charles-Tim
Legendary
 Offline
Activity: 1526
Merit: 4811
|
|
September 10, 2020, 12:06:39 PM |
|
We have really discussed about phishing attack on this forum several times but it is worth to be discussed about anytime we noticed any form of malware. According to your comment above, the malware is embedded on email which means it is phishing email scam. It is worthy to know that we should never click on any emails we do not authorize for, be it scam or legit. That alone is 100% effective against such malware attack.
|
.
HUGE | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
|
smyslov
|
|
September 10, 2020, 12:36:50 PM |
|
If you are living in the following countries, be aware that they has issued a very important advisories against the rise of Emotet attack in your country. France - https://www.cert.ssi.gouv.fr/alerte/CERTFR-2020-ALE-019/Japan - https://www.jpcert.or.jp/newsflash/2020090401.htmlNew Zealand - https://www.cert.govt.nz/it-specialists/advisories/emotet-malware-being-spread-via-email/What is Emotet? Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious script, macro-enabled document files, or malicious link. Emotet emails may contain familiar branding designed to look like a legitimate email. Emotet may try to persuade users to click the malicious files by using tempting language about “Your Invoice,” “Payment Details,” or possibly an upcoming shipment from well-known parcel companies.
Who does Emotet target?
Everyone is a target for Emotet. To date, Emotet has hit individuals, companies, and government entities across the United States and Europe, stealing banking logins, financial data, and even Bitcoin wallets.
How does Emotet spread?
The primary distribution method for Emotet is through malspam. Emotet ransacks your contacts list and sends itself to your friends, family, coworkers and clients. Since these emails are coming from your hijacked email account, the emails look less like spam and the recipients, feeling safe, are more inclined to click bad URLs and download infected files.
https://www.malwarebytes.com/emotet/So everyone is vulnerable, specially the spread is through emails, so don't click any suspicious links specially the attachments, like zip files and so called Microsoft updates as you might fall for this malwares and steal your crypto wallets credentials. Even if I'm not living in the countries that you've mentioned I must be aware of this and so are the members of this forum, this is a malware that can victimized anybody wherever you are, this is the first time I read about this malware so it's time to always evaluate how you behave in the internet and your anti virus as well. |
|
|
|
|
|
AhmadM
|
|
September 10, 2020, 03:33:25 PM |
|
As Charles-Tim said before it is something similar to a phishing email, usually I did not touch/open emails from unknown mail addresses especially if it was in the spam folder (most directly deleted). In addition, to prevent this kind of scheme happens I always use this tool [1] regularly to check my email has been compromised in a data breach or not. Good topic for newbies to avoid phishing --> [LEARN] Phishing Quizzes - Beginners & Experts[1] https://haveibeenpwned.com/ |
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
September 10, 2020, 03:53:56 PM |
|
So everyone is vulnerable
Not really, no. Emotet is written solely for windows. Neither linux nor mac user are affected by it. And if i am not mistaken, it relies on the eternal blue vulnerability to spread itself. So, having an up-to-date system already ensures that your system won't get infected without manually doing so (e.g. by downloading and executing untrusted software). Regularly updating your system and not clicking on every link / downloading every software already is enough to not get infected with malware most of the time. |
|
|
|
plr
Member
Offline
Activity: 1148
Merit: 24
|
|
September 10, 2020, 04:43:43 PM |
|
So everyone is vulnerable
Not really, no. Emotet is written solely for windows. Neither linux nor mac user are affected by it. There are a lot of attacks on windows I'm thinking of learning Linux, I read that with linux you don't need a lot of anti virus and you are safe from attacks, with windows you have to be careful on what you are downloading and the kind of anti virus and anti malware you are using. |
|
|
|
|
bob123
Legendary
Offline
Activity: 1624
Merit: 2481
|
|
September 10, 2020, 04:50:42 PM |
|
[...] with windows you have to be careful on what you are downloading and the kind of anti virus and anti malware you are using.
You always have to be careful on what you are downloading and/or executing. It's not like there is no malware for linux. Malware for linux (or mac) does exist. It is just that the majority of malware simply is written for windows since it has the largest user base. Therefore, if you know what you are doing, indeed an AV is not needed. But common sense (i.e. not downloading and executing random stuff) is always required, regardless of the OS. |
|
|
|
bct_ail
Legendary
Offline
Activity: 2618
Merit: 2217
https://t1p.de/6ghrf
|
|
September 10, 2020, 08:24:00 PM |
|
Even if you do not live in the above mentioned countries, you may be affected by the emotet Trojan. For example, if you have email contacts to these countries (private or business), there is a bit more risk likely to get affected. Unfortunately I know some companies that are/were not only affected by this Trojan.
|
|
|
|
GreatArkansas
Legendary
Offline
Activity: 2296
Merit: 1345
Buy/Sell crypto at BestChange
|
|
September 10, 2020, 11:10:15 PM |
|
Even if you do not live in the above mentioned countries, you may be affected by the emotet Trojan. For example, if you have email contacts to these countries (private or business), there is a bit more risk likely to get affected. Unfortunately I know some companies that are/were not only affected by this Trojan.
Yep, those mentioned countries are only for sure the major countries that this kind of spreading malware. This malware is really notorius. As what I saw in a news about this malware, the malware already exist about 5 years ago and now, it is back again with some major countries are one of targets of said malware. Here is some tips how we can this kind of malware from toolbox- Disable macros within MS Office. Only enable macros that are digitally signed or from trusted locations
- Ensure your anti-virus software on your endpoint device is active and up to date
- Restrict PowerShell to only executing signed scripts
- Apply the principles of least privilege
- Use of mail and web filters to block known Emotet documents and C2
- Application whitelisting
|
|
|
|
|
libert19
|
|
September 11, 2020, 04:56:01 AM |
|
Does country even matter in electronic attacks?
|
| | .
.Duelbits. | │ | ..........UNLEASH..........
THE ULTIMATE
GAMING EXPERIENCE | │ | DUELBITS
FANTASY
SPORTS | ████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
████████████████▀▀▀
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀ | .
▬▬
VS
▬▬ | ████▄▄▄█████▄▄▄
░▄████████████████▄
▐██████████████████▄
████████████████████
████████████████████▌
█████████████████████
███████████████████
███████████████▌
███████████████▌
████████████████
████████████████
████████████████
████▀▀███████▀▀ | /// PLAY FOR FREE ///
WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
bct_ail
Legendary
Offline
Activity: 2618
Merit: 2217
https://t1p.de/6ghrf
|
|
September 11, 2020, 06:23:06 AM |
|
This malware is really notorius. As what I saw in a news about this malware, the malware already exist about 5 years ago and now, it is back again with some major countries are one of targets of said malware. Yes, he is quite stubborn. But apparently also so good that it is worth developing it further. With every new flood, he has learned something new and is getting better and better. Thank you for you tips. |
|
|
|
|
