Malicious emails have been detected in the English, French, Hungarian, Italian, Norwegian, Polish, Russian, Slovenian and Spanish languages. While this campaign has been ongoing for a few months, its activity increased rapidly from ~3,000 emails in February 2022 to ~30,000 in March.
One of the functions of Qbot is also to access and steal emails. Both malware instances are capable of stealing users’ data, collecting data on an infected corporate network, spreading further in the network, and installing ransomware or other Trojans on other devices in the network.
These emails are being distributed as part of a coordinated campaign that aims to spread Qbot and Emotet – two notorious banking Trojans that function as part of botnet networks. Kaspersky experts have detected significant growth in complex malicious spam emails targeting organizations in various countries. What Happened?īecause of a recent spike in dissemination, the Emotet malware is anticipated to shortly transition to new payloads that are now identified by fewer antivirus engines.Įmails with dangerous payloads have surged tenfold in recent months, according to security experts who are monitoring the botnet.īecause of its sluggish but steady growth since the beginning of this year, it is possible that its operators are changing up a gear at this point in their operations.Ī study issued today by Kaspersky indicates that Emotet activity has increased dramatically from February to March, with an increase from 3,000 emails to 30,000 emails in only two months’ time. Users are more likely to be persuaded if the communications feature recognized branding and are formatted in the same way as emails from well-known and trustworthy organizations such as PayPal or DHL. Malspam, which are spam emails that contain malware, is the primary method of spreading it (hence the term). Known as a banking Trojan, Emotet is a kind of malware that belongs to the banking Trojans malware strain.