The Bleeping Computer publication noted that the developers of the Japanese CERT have created a special tool that will allow Windows users to detect infection by the Emotet malware.

Let me remind you that Emotet is one of the most active Trojans at present, which spreads with mail spam through malicious Word documents. Such letters may be disguised as invoices, invoices, account security warnings, party invitations, and even information about the spread of the coronavirus. In a word, hackers are closely monitoring global trends and constantly improving their bait letters.

Having penetrated the victim’s system, Emotet uses the infected machine for further spamming and also installs additional malware on the device. Often this is a Trickbot banker (which steals credentials, cookies, browser history, SSH keys, and so on), as well as Ryuk ransomware.

Japanese experts have created a special tool EmoCheck , which allows you to quickly and easily detect infection of the system. Having scanned the system, EmoCheck will notify you that Emotet is detected, and it will also report the process ID associated with the malware and the location of the malicious file.

This tool can also be useful to system administrators to quickly find infected machines and, perhaps, help prevent a full-scale extortionate attack.

LEAVE A REPLY

Please enter your comment!
Please enter your name here