There is a new breed of malware that uses a sophisticated combination of phishing, brute-force password attacks, and spreader technology to infiltrate and compromise computer networks. The malware is called Emotet.
Emotet spreads through phishing emails. As stated above, some of these emails are very sophisticated. They may appear to come from a colleague, your boss, or even the CEO of your company. Impersonating a legitimate email address is called spoofing. Anti-spam filters usually catch spoofed emails, but not always.
The phishing email contains a payload, which is often a link to a legitimate file-sharing service such as Dropbox. When the user downloads the payload, the malware installs on their machine.
Once the malware is installed, it attempts to spread to other machines on the network using a list of brute force passwords.
Some of the brute-force passwords included in the recent Emotet Trojan are
qwerty love iloveyou princess office supervisor superuser share adminadmin mypassword mypass pass
For organizations who want to enforce complex passwords, CNS has a method to do it. Please contact your VCIO or account rep today for more information about enforcing complex passwords on your network.
We know that the first step toward better IT support is to research your options. We’ve put this guide together to aid you in that process.
It’s designed to give you an overview of our organization, so that you have the key information you need to evaluate our service fit.
This guide covers:
Download it for free by filling out the form here.