Emotet Took Down an Entire Business Network

April 8, 2020 · 3 min read

Emotet is one of the most dangerous malware families. It attempts to sneak onto an organization’s systems and steal sensitive and private information. What sets it apart from other malware is its worm-like capability to spread to other connected systems, which ultimately distributes the malware across the whole network.

Microsoft recently published a case report detailing a massive Emotet attack that brought down Fabrikam’s entire network. The infection started with a phishing email and spread throughout the organization, overheating all machines and flooding Fabrikam’s internet connection. It began when one of the employees opened the phishing email, which ultimately led to their credentials being handed to the attacker. Four days after gaining the credentials, the attackers used the initially infected account to send phishing emails to other employees on the network. As a result, more employees clicked malicious attachments and downloaded malware, and the attacker was ultimately able to get hold of the entire network. Because Fabrikam had no network visibility tools, the attacker was able to spread Emotet throughout the organization’s network without raising any red flags.

The flow of Emotet attack as it delivers TrickBot, which delivers Ryuk

Using malware to carry out cyberattacks and steal sensitive information from organizations is becoming quite common, and cybercriminals execute such attacks frequently. For instance, the Cyble Research Unit (CRU) recently identified that Maze ransomware operators targeted the Bouygues company and compromised over 200GB of its sensitive data. CRU also recently identified that Sodinokibi ransomware operators targeted the Cablex group and started threatening to leak its sensitive data online. Because these cyberattacks lead to huge losses for organizations, CRU tracks them regularly, with a clear vision of reducing the number of such attacks. To that end, Cyble not only operates the largest data breach monitoring search engine, which holds over 30 billion darkweb records, but also provides services that enable faster detection of cyber threats via Cyble Vision and give clear visibility into third-party cyber threats and risks via its Third-Party Cyber Risk Intelligence Platform.

It is believed that organizations should start focusing on improving the security of their systems to avoid being affected by such cyberattacks and landing in dreadful situations.

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Its SaaS-based solution, powered by machine learning and human analysis, provides organizations with insights into cyber threats introduced by suppliers and enables them to respond faster and more efficiently.

Cyble strives to be a reliable partner and facilitator to its clients, providing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, dark web and deep web monitoring, and passive scanning of internet presence. Furthermore, this intelligence, combined with machine learning capabilities and human analysis, allows clients to gain real-time cyber threat intel and helps them build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offers threat intelligence capabilities out of the box to its subscribers.

THIS POST HAS BEEN EXPORTED FROM OUR MEDIUM CHANNEL
