EMOTET: A NASTY SUMMER BUG
It must be summer: the bugs are out!
In just one 24-hour snapshot, let’s review the bug interactions I have encountered (I wonder if you can relate): I had the perimeter of my house sprayed for black ants while also starting the daunting task of taking preventative measures against the whiteflies that are multiplying and gearing up to feast on our vegetable plants. Later, I was also forced into hasty action against angry wasps swarming my kids (triggering all-out chaos) during a sit-down family dinner on the front porch. And finally, I spent the evening swatting pesky mosquitoes during my daughter’s soccer game.
On the cyber security “bug” front, the recent persistent threats have been equally challenging and annoying. According to our ThreatLab statistics, Thirtyseven4 recorded over 28 million malware detections during the 1st quarter of 2019. The final week of the quarter (the week of March 24th) logged the most detections, over 4.6 million. Averaged over the whole quarter, that works out to roughly 13,000 detections every 60 minutes, around the clock. That’s a lot of bugs! And based on my initial research, I’m anticipating the results from the 2nd quarter to be even more mind-boggling.
Like their insect counterparts, malware comes in many classifications, and those classifications can be broken down further into malware families. The leading classification over the 1st quarter was the Trojan, which accounted for 46% of all new malware detections. A Trojan is malware that disguises itself as legitimate software so that the user installs or runs it willingly.
The top detection within the Trojan classification was Trojan.Emotet (Emotet). Emotet first reared its ugly head in 2014 as a modular banking trojan, and it is still often referred to as “The Banking Trojan”. Since its inception, Emotet has continually evolved and morphed; the US-CERT alert on it (TA18-201A) describes it as primarily functioning as a downloader or dropper of other banking trojans, which makes it one of the nastiest threats today. The same alert noted that a single Emotet infection can cost up to 1 million dollars to clean up. Much of Emotet’s “success” can be traced to its mass distribution network (used for initial seeding), its highly aggressive and numerous network-replication capabilities, and its polymorphic nature (the ability to constantly change its code, and therefore its file signature, to evade signature-based detection).
The key safe-security practices still apply: maintain regular operating system and software updates, configure complex passwords and rotate them, avoid clicking on links in email or in posts on social networks (Emotet feeds on phishing mails), and install strong Endpoint Security software. In addition to these, Thirtyseven4 has discovered a weak spot within Emotet’s logic that lets us proactively prevent a system from getting infected by present and future variations of the menace. While it would be unwise to disclose the specifics of the weakness and our countermeasures, think of it in terms of being protected from summer mosquitoes with a permanent bug spray.
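Because Emotet arrives by phishing mail, one concrete way to act on the advice above is to enforce a policy at the mail gateway rather than relying on users not to click. The Python below is an added example written for this post; it is not Thirtyseven4’s tooling and it is not the undisclosed countermeasure described above. It applies the attachment guidance from US-CERT Alert TA18-201A (block executable types such as .exe and .dll at the gateway) and adds two checks that are general knowledge about Emotet’s lures rather than anything this page states: a macro-enabled Office document, detected by its vbaProject.bin member even when the file has been renamed to .docx, and an HTML link whose visible text shows one host while the href points at another. The sample message, the addresses in it, and the hosts it links to are all constructed for the example.

```python
"""Mail-gateway attachment and link policy check (added example, not vendor code)."""
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath
from urllib.parse import urlparse

# Types TA18-201A recommends blocking at the gateway (.exe, .dll), plus
# scripting hosts that are equally dangerous when double-clicked.
BLOCKED_EXT = {".exe", ".dll", ".scr", ".pif", ".js", ".jse", ".vbs", ".vbe",
               ".bat", ".cmd", ".ps1", ".hta"}
# Office containers that advertise macros by extension alone.
MACRO_EXT = {".docm", ".dotm", ".xlsm", ".xltm", ".pptm"}
# OOXML zip members that exist only when the document carries a VBA project.
OOXML_VBA_MEMBERS = {"word/vbaProject.bin", "xl/vbaProject.bin", "ppt/vbaProject.bin"}

HREF_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
URL_LIKE = re.compile(r"^\s*(?:https?://)?([\w.-]+\.\w+)", re.I)


def attachment_findings(filename, data):
    """Return policy violations for one attachment (empty list means clean)."""
    findings = []
    suffixes = [s.lower() for s in PurePosixPath(filename or "").suffixes]
    ext = suffixes[-1] if suffixes else ""
    if ext in BLOCKED_EXT:
        findings.append(f"blocked executable/script type {ext} ({filename})")
    if ext in MACRO_EXT:
        findings.append(f"macro-enabled Office type {ext} ({filename})")
    # "invoice.pdf.exe" style names: only flag when the real type is dangerous.
    if len(suffixes) > 1 and ext in BLOCKED_EXT | MACRO_EXT:
        findings.append(f"double extension {''.join(suffixes)} ({filename})")
    # Look inside any zip container; this catches a .docm renamed to .docx.
    if data[:2] == b"PK":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                members = set(zf.namelist())
            if members & OOXML_VBA_MEMBERS:
                findings.append(f"VBA macro project inside {filename}")
        except zipfile.BadZipFile:
            findings.append(f"unparseable zip container ({filename})")
    return findings


def link_findings(html):
    """Flag anchors whose visible text names a different host than the href."""
    findings = []
    for href, text in HREF_RE.findall(html):
        shown = re.sub(r"<[^>]+>", "", text)
        href_host = (urlparse(href).hostname or "").lower()
        match = URL_LIKE.match(shown)
        if match and href_host and match.group(1).lower() != href_host:
            findings.append(f"link text shows {match.group(1).lower()} but points to {href_host}")
    return findings


def scan_message(raw):
    """Parse a raw RFC 5322 message and return a verdict plus the reasons."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        findings += attachment_findings(part.get_filename() or "",
                                        part.get_payload(decode=True) or b"")
    body = msg.get_body(preferencelist=("html",))
    if body is not None:
        findings += link_findings(body.get_content())
    return {"verdict": "quarantine" if findings else "deliver", "findings": findings}


def build_sample():
    """Constructed phishing-style message: renamed macro document plus a look-alike link."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        zf.writestr("word/vbaProject.bin", b"\x00" * 16)  # stand-in for a real VBA project
    msg = EmailMessage()
    msg["From"] = "accounts@example.net"
    msg["To"] = "victim@example.com"
    msg["Subject"] = "Invoice 4471 overdue"
    msg.set_content("Please see the attached invoice.")
    msg.add_alternative('<p>Please review at <a href="http://198.51.100.7/inv">'
                        "https://portal.example.com</a></p>", subtype="html")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="vnd.openxmlformats-officedocument.wordprocessingml.document",
                       filename="Invoice_4471.docx")
    return bytes(msg)


if __name__ == "__main__":
    for line in scan_message(build_sample())["findings"]:
        print(line)
```

Run on the constructed sample, the scanner quarantines the message for two reasons: the .docx contains word/vbaProject.bin despite its innocent extension, and the link text claims portal.example.com while the href goes to 198.51.100.7. The extension lists are a starting point, not a complete policy; a production gateway would also send the attachment to the endpoint security engine for a content scan.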
Bugs are everywhere, and in most cases unwanted. Education and preventive measures can go a long way in keeping them from you or from harming your systems. There is a happy (and safe) medium where we can enjoy our technology and the outdoors without getting eaten up. I hope you can make the most of your summer in both areas!
Thirtyseven4, LLC is dedicated to serving customers with a full palette of security solutions including AntiVirus, AntiMalware, Anti-Ransomware and Zero-Day Threat Protection.