From Greta Thunberg being Emotet’s Person of the Year to the malware inviting you to a malicious Christmas party, Emotet is routinely among the most problematic and widely distributed malware families that Sophos researchers encounter daily.
Over its five-year life, Emotet has evolved from a Trojan that silently steals victims’ banking credentials into a highly sophisticated and widely deployed platform for distributing other kinds of malware, most notably other kinds of banking Trojan. It is distributed mostly through phishing email carrying links to malicious sites, or malicious PDF or Word attachments.
Today, Emotet is the world’s leading MaaS operation, and is often used to allow crooks access to corporate networks, where hackers can steal proprietary files or install ransomware to encrypt sensitive data, and later extort companies for large sums of money. While it remains an extremely potent in-the-wild threat, dealing with it is one of the most difficult challenges faced by system administrators and threat hunters.