{"id":130729,"date":"2021-11-17T03:22:29","date_gmt":"2021-11-17T11:22:29","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2021\/11\/notorious-emotet-botnet-makes-a-comeback-with-the-help-of-trickbot-malware"},"modified":"2021-11-17T03:22:29","modified_gmt":"2021-11-17T11:22:29","slug":"notorious-emotet-botnet-makes-a-comeback-with-the-help-of-trickbot-malware","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2021\/11\/notorious-emotet-botnet-makes-a-comeback-with-the-help-of-trickbot-malware","title":{"rendered":"Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/notorious-emotet-botnet-makes-a-comeback-with-the-help-of-trickbot-malware2.jpg\"><\/a><\/p>\n<p>The notorious Emotet malware is staging a comeback of sorts <a href=\"https:\/\/thehackernews.com\/2021\/01\/european-authorities-disrupt-emotet.html\" rel=\"noopener\" target=\"_blank\">nearly 10 months<\/a> after a coordinated law enforcement operation dismantled its command-and-control infrastructure in late January 2021.<\/p>\n<p>According to a <a href=\"https:\/\/cyber.wtf\/2021\/11\/15\/guess-whos-back\/\" rel=\"noopener\" target=\"_blank\">new report<\/a> from security researcher Luca Ebach, the infamous <a href=\"https:\/\/thehackernews.com\/2021\/11\/trickbot-operators-partner-with-shatak.html\" rel=\"noopener\" target=\"_blank\">TrickBot<\/a> malware is being used as an entry point to distribute what appears to be a new version of Emotet on systems previously infected by the former. The latest <a href=\"https:\/\/urlhaus.abuse.ch\/url\/1789877\/\" rel=\"noopener\" target=\"_blank\">variant<\/a> takes the form of a DLL file, with the first occurrence of the deployment being detected on November 14.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The notorious Emotet malware is staging a comeback of sorts nearly 10 months after a coordinated law enforcement operation dismantled its command-and-control infrastructure in late January 2021. According to a new report from security researcher Luca Ebach, the infamous TrickBot malware is being used as an entry point to distribute what appears to be a [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,1493],"tags":[],"class_list":["post-130729","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-law-enforcement"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/130729","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=130729"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/130729\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=130729"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=130729"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=130729"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}