Emotet now drops Cobalt Strike, fast forwards ransomware attacks

Posted on December 8, 2021 by Dissent

Lawrence Abrams reports:

In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent.

[…]

Today, Emotet research group Cryptolaemus warned that Emotet is now skipping their primary malware payload of TrickBot or Qbot and directly installing Cobalt Strike beacons on infected devices.

Read more on BleepingComputer.

Two more entities have folded after ransomware attacks
British institutions to be banned from paying ransoms to Russian hackers
Authorities released free decryptor for Phobos and 8base ransomware
North Country Healthcare responds to Stormous's claims of a breach
Gladney Adoption Center had serious data exposures in the past few months. What will they do to prevent more?
Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy

Category: Commentaries and AnalysesMalware

Related: