- Emotet malware was able to shut down an entire Microsoft network.
- How the malware carried out the attack and what the impact of the attack was.
- Microsoft’s efforts to get rid of the Emotet malware, and Microsoft’s recommendation that users be cautious of phishing attacks.
Emotet is a well-known malware family that causes disruption across networks by compromising the systems on them. The latest report by Microsoft DART shows that the malware was able to shut down an entire Microsoft network in its latest attempt to compromise systems.
The malware tricked one of the company’s employees into opening a phishing email. The email was malicious and started to take down the system. Within a period of 8 days, the malware was able to take down the organization’s core operations, overheating all of its computers for a week. The malware is controlled regularly by the attacker’s C2 (command-and-control) infrastructure. The attacker helped the malware bypass all of the organization’s detection systems.
The phishing email opened by the employee sent the employee’s credentials to the attacker-controlled C2 infrastructure after 5 days; the malware then delivered its payload and executed on Fabrikam’s computers. Fabrikam is the fictitious name Microsoft gives the victim organization in its case study. The malware then started to spread to other computers used by Fabrikam. Using the stolen information, it sent phishing emails to other computers and infected other employees’ computers along with those of their external contacts. The malware gained access to an admin account, which let it spread to every PC on the network without being detected. The entire network was shut down by the malware within 8 days of the phishing email first being opened, despite the efforts of the organization’s IT department.
All of the computers started overheating, freezing, and restarting with blue screens, and the organization’s internet connections also slowed down as the malware consumed all of the bandwidth.
When the last computer in the organization showed these symptoms, Fabrikam knew the situation was out of control and that they needed to stop the bleeding. The malware brought the entire network to its knees, including the 185-camera security system. The malware consumed so much internet bandwidth that even sending an email was not possible.
Microsoft’s cybersecurity team, DART, came in to contain the attack after 8 days. They used buffer zones to separate the computers from admin privileges and loaded new antivirus programs to bring the situation under control. The company’s Microsoft Defender ATP and Azure ATP were also installed to remove the Emotet malware completely.
After the incident, Microsoft suggests that its users use email-filtering tools, as the malware was able to take down Microsoft’s own network. The company also recommends that users enable multi-factor authentication, which keeps attackers from gaining unauthorized access to their systems.
Not that long ago on Twitter, many famous accounts were hacked and renamed so that people would think they belonged to someone else entirely, and these accounts were then used to advertise all kinds of Ponzi schemes meant to swindle people out of their hard-earned money. The way these scams work is that users are encouraged to send a small quantity of bitcoin to someone after being promised that they will receive twice the amount back in return, except that they never receive anything back and the bitcoin ends up being stolen.
Twitter cracked down hard on accounts doing this, which more or less ended the problem there, but because Twitter no longer allowed the scam to exist, the hackers moved elsewhere. YouTube is now the platform these hackers have chosen, and a big part of the reason is that YouTube gives them access to a large audience.
According to ZDNet, some big accounts are now being hacked and renamed to look like various Microsoft accounts, and these accounts are streaming video using Bill Gates’ image to make it seem as if the founder of Microsoft is offering some kind of cryptocurrency scheme that would result in profits. Suffice it to say that this scheme does not exist; it is simply a trick that bad actors are trying to pull, but it remains something that can cause a lot of harm to a lot of internet users. Microsoft has stated that no official Microsoft accounts have been targeted, so at the very least the scam is not running on any official accounts.