☠️ Trojan Alert ☠️ : Hackers Are Using Coronavirus Scare to Spread "Emotet Malware" in Japan ☢️ Coronavirus Campaigns Spread Emotet, Malware via sending emails.
As reported by security researchers, IBM X-Force experts and Kaspersky, hackers are taking advantage of the coronavirus outbreak and sending spam emails to potential victims in Japan.
In the campaign seen by security researchers from IBM X-Force, the emails purport to have attached notices regarding infection-prevention measures for the disease. Rather ironically, one virus is being used as a pretext to distribute another: specifically, the disreputable Emotet malware.
It was also reported that the emails falsely claim there are reports of coronavirus patients in the Gifu, Tottori and Osaka areas of Japan, pushing victims to read an attached Microsoft Word document that contains the Emotet trojan. The messages are particularly dangerous because they were made to look like official government emails, complete with legitimate addresses, phone numbers, and emails.
What is the Emotet Trojan?
Emotet is a Trojan that is primarily spread through spam emails (malspam).
Emotet is the costliest and most destructive malware, affecting government and private sectors, individuals and organizations.
This popular trojan originally targeted financial data on the devices it infected. In recent years, it has shifted to a modular information stealer, which allows it to act as a malware dropper. Emotet uses functionality that helps it evade detection by some anti-malware products. It also uses worm-like capabilities to spread to other connected computers, which helps in the distribution of malware. If a user is infected with this trojan, cleaning up the malware will cost upwards of $1M per incident.
How Are Hackers Spreading the Emotet Trojan?
According to several threat researchers at Kaspersky, hackers are spreading the dangerous and costly Emotet trojan by using the coronavirus scare to get people to open emails or files and share them.
Hackers are attaching .pdf, .mp4, and .docx files to emails sent to victims. The files purport to contain information on how people can protect themselves from the virus, updates on its spread and even virus detection procedures.
As of now, 10 unique files have been found by Anton Ivanov, a malware analyst at Kaspersky. He also stated that this activity will attract more hackers and that the number of attacks will increase in the coming days.
Emotet 'coronavirus' samples:
These are the Emotet "coronavirus" email samples shared by security researchers (IBM X-Force and bom):
bom (@bomccss), January 28, 2020:
#emotet is sending out mass-mailed spam with an insensitive theme.
■ Subject
添
■ Attachment
別添.doc
The body says to refer to the attached file regarding measures against the coronavirus.
The body text was probably taken from stolen emails, and nothing about it seems out of place.
Please be careful! pic.twitter.com/k5UvtB87hU
The security researchers also shared one of the spam emails sent as part of this ongoing campaign, which alerts recipients to infections being reported in Osaka Prefecture:
Jurisdiction tsusho / facility related disability welfare service provider
We become indebted to.
Patients were reported about the new type of coronavirus-related pneumonia, mainly in Takeshi, China.
In Japan, patients are being reported in Osaka Prefecture,
Along with the anticipated increase in the number of visitors to Japan, a separate notice has been issued.
Therefore, please check the attached notice,
How to protect against Emotet malware:
To mitigate Emotet attacks, CISA recommends the following precautions:
- Block email attachments commonly associated with malware (e.g., .dll and .exe).
- Block email attachments that cannot be scanned by antivirus software (e.g., .zip files).
- Implement Group Policy Object and firewall rules.
- Implement an antivirus program and a formalized patch management process.
- Implement filters at the email gateway, and block suspicious IP addresses at the firewall.
- Adhere to the principle of least privilege.
- Implement a Domain-Based Message Authentication, Reporting & Conformance (DMARC) validation system.
- Segment and segregate networks and functions.
- Limit unnecessary lateral communications.
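As an added illustration (not code from CISA or from the researchers quoted above), the sketch below applies the two attachment rules and the DMARC check from the list to a raw message at the gateway. The gateway name `mx.example.net`, the quarantine action on a DMARC failure, and the sample addresses are assumptions, and the test message is constructed.

```python
import email
import os
from email import policy
from email.message import EmailMessage

BLOCKED_EXT = {".dll", ".exe"}        # extensions named in the list above
UNSCANNABLE_EXT = {".zip"}            # the list's example of an unscannable type
TRUSTED_AUTHSERV = "mx.example.net"   # assumption: authserv-id of our own gateway

def dmarc_result(msg):
    """dmarc= verdict from an Authentication-Results header our gateway added."""
    for header in msg.get_all("Authentication-Results", []):
        fields = [f.strip() for f in str(header).split(";")]
        if fields[0].lower() != TRUSTED_AUTHSERV:
            continue                  # header supplied by the sender: ignore it
        for field in fields[1:]:
            if field.lower().startswith("dmarc="):
                return (field[6:].split() or ["none"])[0].lower()
    return "none"

def verdict(raw):
    """Return (action, reasons) for one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.iter_attachments():
        # get_filename() decodes RFC 2231 names; Windows drops trailing dots/spaces
        name = (part.get_filename() or "").rstrip(". ").lower()
        ext = os.path.splitext(name)[1]   # last extension, so "a.pdf.exe" -> ".exe"
        if ext in BLOCKED_EXT:
            reasons.append("blocked type: " + name)
        elif ext in UNSCANNABLE_EXT:
            reasons.append("unscannable: " + name)
    if reasons:
        return "block", reasons
    if dmarc_result(msg) == "fail":
        return "quarantine", ["dmarc=fail"]   # assumption: local policy quarantines
    return "deliver", []

def sample(filename, auth_results):
    """Constructed test message, not a captured sample."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "sender@example.jp", "user@example.net", "notice"
    m["Authentication-Results"] = auth_results
    m.set_content("Please see the attached notice.")
    m.add_attachment(b"constructed", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(verdict(sample("別添.doc", "mx.example.net; dmarc=fail header.from=example.jp")))
```

A .doc attachment such as the one in the sample above is in neither extension list, so it passes this filter unless DMARC fails; catching it depends on the other items in the list.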