It is a kind of Swiss army knife among attack programs: the Emotet Trojan is currently being used for a whole range of attacks on private users and companies. From spying on bank accounts to blackmail with encrypted data, everything is possible, the Federal Office for Information Security (BSI) warns. We explain what makes Emotet so dangerous, and how you can protect yourself.
The Trojan first reaches the computer via e-mail. After Emotet spread at the end of last year in a large-scale campaign of well-faked e-mails that supposedly came from friends or colleagues, it is currently spreading mainly via alleged shipping confirmations from Amazon. Clicking the link in such an e-mail loads a malicious Word file onto the computer. And Emotet begins its work.
What makes Emotet so dangerous
What exactly happens next is hard to predict. Emotet only opens the door, so to speak, and then loads different malicious programs depending on the variant. In many cases, other Trojans such as Trickbot are installed, which quietly spy on online banking in the background, according to the BSI. For other victims, the computers are encrypted and a ransom is demanded. Data backups can be a rescue, but some variants appear to delete any hard drives with backups that they detect. According to the “German craft newspaper”, even the users' account balances seem to be taken into account when the amount of the ransom is set.
The greatest danger of Emotet is its extremely high versatility, the experts from G-Data also warn. On some days up to 200 new variants of the Trojan are discovered, and even on quieter days there are still a good 25 new ones, according to a blog post. The high frequency of new variants poses a challenge for anti-virus programs.
That Emotet became so widespread so quickly is due to the fact that the Trojan brings its own spam module. It reads the user's contacts and sends the fake e-mails on to them in search of new victims. A classic snowball system.
How to protect yourself from Emotet
Fortunately, you can protect yourself from the Trojan fairly easily, says G-Data. Merely opening the Word file is not enough to install the pest. It is hidden in a macro that tries to start when the file is opened. Only when the user agrees to the execution of so-called “active content” can Emotet get started. It therefore tries to move its victims to the decisive click with various tricks, for instance by claiming that the file was created with an online version of Word, or that there are problems due to the version of Office being used.
If the user refuses the click, however, the macro does not run and Emotet is denied access to the computer. G Data recommends prohibiting the automatic execution of macros in the Office programs. For instructions, see this page from Microsoft. More general tips on how to protect yourself against Trojans can be found in this text.
Already infected? This is what you have to do
If the computer has already been infected, you should act immediately. The first step is to disconnect the computer from the Internet. Then you should warn all contacts stored on the PC of a possible attack via your e-mail address. In the next step, it is recommended to immediately change the passwords of all accounts stored or used on the affected machine, from another device, of course.
Then the hardest step: according to the BSI, it is recommended to set up the infected computer again completely, that is, to delete everything and reinstall Windows. If data is restored from a backup, the computer should be checked with an anti-virus program immediately afterwards.
Sources: BSI, G-Data, Bleeping Computer, German craft newspaper