A recent whitepaper from Panda Security outlines the dangers associated with the polymorphic banker Trojan Emotet. According to the software company, its "main goal is to steal data such as user credentials, or to spy on network traffic."
How does Emotet operate?
Due to the effectiveness of Emotet, attackers also frequently use the Trojan to download other forms of malware. In fact, Emotet is particularly popular as a tool for spreading more banker Trojans, such as Qakbot and TrickBot.
Email is the most common propagation method for Emotet, which utilises infected attachments or embedded URLs. It is particularly harmful as it also has the ability to take over the email accounts of users.
As a result, this tricks other users into also downloading the Trojan onto their systems. Once Emotet has infected a computer on a network, it then "exploits the EternalBlue vulnerability to spread and exploit endpoints with unpatched systems."
The consequences of Emotet
Due to its pervasive nature, Emotet has the ability to cause serious damage to organisations. Emotet downloads and installs other malware, which essentially leaves the door open to "any type of Trojan, spyware or even ransomware."
As a result, companies can experience theft of personally identifiable information (PII). In addition to this, some attackers leak financial and confidential information in order to blackmail organisations.
Many organisations have their login credentials stolen, which renders other accounts vulnerable. Emotet can also cause long remediation periods for network administrators, which catalyses a loss of employee productivity.
Employing endpoint protection
It is therefore evident that organisations must take proactive steps to defend against an Emotet campaign. However, the Trojan's ability to automatically change its own code makes this extremely difficult for traditional antivirus tools to detect it.
In order to address this, Panda Security developed a tool that protects companies from Emotet - even if employees open the email and download the document. Panda Adaptive Defence and Panda Adaptive Defence 360 also protects organisations against any known or unknown variant.
In effect, the tool stops all malware from running and keeps endpoints consistently updated. Employing preventative action is thus the best way for organisations to protect themselves against insidious Trojans like Emotet.
Looking to enhance your company's security? Check out this year's Top 10 SIEM Tools