Recently (On March 18 2023 at 23:44), a new malspam campaign has been observed in the wild ( HERE ), which caused a significant amount of concern. This campaign is designed to distribute malicious emails, which contain a harmful payload that can infect a user’s system, steal sensitive information, or launch other types of attacks.
Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in password-protected archives with about 96% of these being spammed by the Emotet Botnet. In the first half of 2022, we identified password-protected ZIP files as the third most popular archive format used by cybercriminals to conceal malware.
Emotet is back in business and it’s revealing some new tricks. Not long ago, Emotet introduced a new module, the Google Chrome’s credit card grabber. More recently, the SMB spreader module has been brought back and is now, once again, part of the infection chain.