New Report Uncovers Emotet's Delivery and Evasion Techniques Used in Recent Attacks

According to recent VMware research, threat actors involved with the infamous Emotet virus are constantly modifying their methods and command-and-control (C2) infrastructure to avoid detection. Emotet is the product of a threat actor known as Mummy Spider (aka TA542), who first appeared in June 2014 as a banking trojan before evolving into an all-purpose loader capable of delivering second-stage payloads such as ransomware in 2016. While the botnet’s infrastructure was shut down in January 2021 as part of a concerted law enforcement effort, Emotet reappeared in November 2021 via another virus known as TrickBot. Read More…