This nasty malware has disguised itself as a Windows 10 update

(Image credit: Shutterstock)

Emotet, the malware campaign that has been causing havoc for computer systems all over the world, has reappeared with a new approach to infecting devices. An email attachment claiming to be from Windows Update and instructing users to upgrade Microsoft Word is now being used to lure unsuspecting victims into downloading the malicious software. 

The malware works by first sending spam emails that contain either a Word document attachment or a download link. Victims will then be prompted to ‘Enable Content’ to allow macros to run on their device, which will install the Emotet Trojan.

The new document template being used to trick victims into downloading these macros takes the guise of a Windows Update message. Previous Emotet templates have purported to be from Windows 10 Mobile, Office 365 and the Widows Office Activation Wizard.

Guess who’s back?

Emotet has been one of the most prevalent online threats since at least last year and one of the ways that it has achieved its longevity is by subtly shifting its method of attack. Earlier this month, the malware entered the political arena by piggybacking on the US presidential election in order to dupe potential victims.

Although when Emotet was initially discovered it operated as a banking trojan, today it is more commonly used as a method to distribute other malware strains, including Trickbot, QBot and related ransomware. Its ability to evade detection makes it one of the most effective malware campaigns of recent times.

With the recent Emotet resurgence, online users need to be particularly vigilant against malicious spam emails. It’s good practice to never open an email unless it’s from a trusted sender and to always ensure that your security software is up-to-date. And with regard to Emotet specifically, if you receive an email attachment asking you to enable macros on Microsoft Word, it’s probably best to ignore it.

Via BleepingComputer

TOPICS
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.