The Postal and Communications Police alerted users that a massive campaign is underway to spread Emotet malware through false email messages with an attachment in Zip format.
These e-mails, highlights the Postal Police, seem to come from boxes related to the domain @istruzione.it and present an attachment in Zip format protected by password to download.
Emails are fake and have nothing to do with the domain they are dealing with: they are just a tool for spreading Emotet malware, a trojan that has several harmful purposes including, above all, to obtain access to contacts and information
The Postal and Communications Police advises you to pay the utmost caution to this insidious malware campaign and, in practice, to: not download attachments; keep your antivirus up to date; scan your devices; change your access credentials to services
During 2020, Malwarebytes cybersecurity specialists highlighted at the end of last year, what they call one of the most devastating cyber threats has significantly improved its camouflage.
For over two years, the dangerous malware called Emotet has proved to be one of the biggest threats that companies around the world face. This is because Emotet, born as a banking trojan, evolved into a sophisticated threat that often serves as a first step towards broader and lasting computer damage.
For most companies today, Malwarebytes pointed out, such an attack is no longer just an Emotet attack. On the contrary, a successful Emotet attack can go unnoticed for days or even weeks. At this time, cyber-attackers can use Emotet to download a separate banking trojan called Trickbot and another ransomware called Ryuk.
To make things worse, the Malwarebytes dose increases, is the fact that over the years, Emotet has become increasingly difficult to identify at first reading. The banking trojan mainly spreads through malspam, malicious emails that contain dangerous attachments such as enabled macro documents or other malicious links.
Other similar attempts at malspam are easy to spot, but Emotet is different, warns researchers of Malwarebytes. In about a year, Emotet found a way not only to fit into active email threads, but also to copy and re-send legitimate email attachments so as to hide its malicious load between a set of documents that a user of
The threat of Emotet is therefore dangerous and more alive than ever and should always be very careful.