Government

Emotet Targeting Government, Military Organisations

14 - 21 January 2020

The Emotet botnet has been targeting the US government and US military since its resurgence in September 2019.

The Emotet botnet has been targeting the US government and US military since its resurgence in September 2019. The observation is made by the increase of outbound Emotet email directed at .mil and .gov top-level domains (TLDs) from September to December 2019. It is believed that at least one US government employee has been compromised, which causes a rapid increase in the number of infectious Emotet messages directed at the US government and military by December 2019. Emotet is modular in design and can expand its functionality by retrieving DLLs from its Command and Control server. Its email module can harvest email addresses from the victim's email client and steal the victim's actual emails which are used for social engineering to further distribute Emotet.

References:

Stolen Emails Reflect Emotet's Organic Growth

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence