Microsoft say two banking trojans took a leaf from WannaCry

Microsoft has called on corporations to help eradicate the Qakbot and Emotet banking trojans.
  • Microsoft has made an appeal to enterprise customers, urging them to help eradicate the Qakbot and Emotet banking trojans, which have adopted techniques used by WannaCry for spreading across corporate networks.
  • While banking trojans are known for their stealth, which is needed for stealing credentials without triggering alarms, lately they have been lending from the not-so-low-key ransomware industry.
  • Qakbot, Emotet and Trickbot are utilizing the same techniques WanaCry and NotPetya used to permeate networks using the file-sharing protocol Server Message Block (SMB).
  • “Qakbot and Emotet can also drop copies in other machines in the network using SMB and then use remote execution to activate,” Microsoft notes.
  • Microsoft’s telemetry data shows two notable peaks in Qakbot and Emotet incidents around May and August, which points to an increasing trend.
  • Microsoft recommends customers disconnect affected machines from their network and cut-off internet access until the machine has been cleaned.

So you Think Shes Cheating on You - Put Your Mind at Rest With FlexiSPY (728x90)

Be the first to comment

Leave a Reply

Your email address will not be published.