A message within a phishing email associated with a new Emotet campaign (Source: Proofpoint)
After a nearly two-month hiatus, the Emotet botnet sprung back to life this week with a fresh spamming and phishing campaign designed to spread other malware as secondary payloads.
In an alert sent Tuesday, security firm Cofense notes that the new Emotet campaign, which uses many of the same techniques as in previous campaigns, is delivering Trickbot malware.
In October, Microsoft and other security firms worked on dismantling Trickbot s infrastructure, but security researchers warned it was likely to return after a short period (see: The Emotet botnet is one of the most prolific senders of malicious emails when it is active, but it regularly goes dormant for weeks or months at a time,” the Cofense researchers note. “This year, one such hiatus lasted from February through to mid-July, the longest break we ve seen in the last few years. Since then, we observed regular Emotet activity