Emotet Malware Campaign Spread The Infection Across The Network
The Emotet banking Trojan was first identified by security researchers in 2014. Emotet was originally designed as a banking malware that attempted to sneak onto your computer and steal sensitive and private information.
The new Emotet “WiFi spreader” module (as it was called) does not guarantee a 100% infection rate, as it relies on users utilising weak passwords for their WiFi networks, however, it opens a new attack vector inside infected companies that the Emotet gang can exploit to maximize their reach.
This means that computers infected with Emotet are now a danger not only for the infected company’s own internal network, but also to the networks of any nearby companies that are in the original victim’s physical proximity.
WiFi security:
System administrators often use WiFi networks to segment parts of their networks into different sections, but still keep internet connectivity available for all employees.
This new Emotet module means companies can’t run WiFi networks with simplistic passwords inside their headquarters anymore. If the Emotet gang decides to deploy its WiFi spreader module, they can jump to nearby networks if those networks don’t use a complex password.
Having Emotet dropped on your network via WiFi will most likely complicate many incident response investigations. WiFi is not a traditional attack vector for Emotet, nor for many other malware strains.
In many cases, companies use simplistic passwords for internal WiFi networks because they know only employees will be in reach to access them. Companies may not be aware that they need to use more complex WiFi hotspot passwords to prevent future Emotet intrusions.
Although a BinaryDefense researcher was not available for comment, the security vendor was pretty clear in its report last week when it said that Emotet got a major boost in attack capabilities.
BinaryDefense warns companies to take precautions by securing WiFi networks with strong passwords, as this is the easiest way to defend against Emotet’s new WiFi module.
Follow us on Twitter, Linkedin, Facebook for Daily security updates & penetration testing tutorials. Have something to say about this content? Let me know by comment below.
Post a comment