720-891-1663

Return to the list of client alerts

 

Emotet Now Hacks Nearby WiFi and Acts Like a Worm

The Emotet virus started out as a banking trojan and in that incarnation it was bad enough – stealing banking credentials and emptying your bank account.

The new and improved Emotet has some more nasty features.

User ‘A’ gets infected with this strain of Emotet and then User ‘A’s computer is in range but not necessarily connected to a local WiFi network.

If that local WiFi was weak security or no security (AKA public WiFi), the infected computer attempts to brute force connect to that WiFi.  With public WiFi with no security or weak security, this is not very hard.

Once it is connected to that WiFi network, it attempts to breach any devices connected to that network.

One more time – DO NOT CONNECT TO PUBLIC WIFI if you can avoid it.  This includes hotels, convention centers and airports, in addition to your local coffee shop.

If you MUST connect to a public WiFi network, consider it a hostile work environment and attempt to reduce your attack surface.

Details: Threatpost

Tech Info: Binary Defense