Cybersecurity Update: “World’s Most Dangerous Malware” Returns – This Time in Excel Email Attachments

Mar 2, 2022 | Cybersecurity news/commentary

Described by Europol and many others across the cybersecurity ecosystem as “the world’s most dangerous malware”, ‘Emotet’ is a trojan that first appeared in 2014 and is delivered by infected email attachments or links. It has been widely used to spread ransomware and create botnets, and has been blamed for millions of attacks, including some on critical infrastructure.

Reports last year suggested the underlying Emotet network had been seriously disrupted by authorities in an international collaborative effort, but it has recently returned – this time using Excel files to instigate attacks. Since late last year, more than 2.7 million cases have been detected.

Emotet has been particularly effective because its payload can auto-execute on victim devices without any user interaction whatsoever. From that point, it can swiftly and silently seize control of devices and networks, downloading additional payloads along the way such as ransomware or info-stealers.

The Department of Justice estimates it has caused hundreds of millions of dollars in damage worldwide, and according to CISA it costs upwards of $1M per incident to clean up.

Part of the challenge facing authorities and cybersecurity teams is that malware operators using Emotet are constantly changing attack vectors, leaving AV engines playing catch-up to detect these ever-evolving threats.

With the proactive approach delivered by CDR technology, Glasswall stops Emotet-infected files by removing macros, preventing information leakage and repairing broken document structure. With no ‘protection delta’ – the time before antivirus and sandboxing tools are updated to protect against new threats – Glasswall CDR instantly removes malware variants such as Emotet, meaning users are secure from day zero.

For further information, visit www.glasswallsolutions.com