A researcher was able to exploit a vulnerability in Emotet – effectively causing the infamous malware to crash and preventing it from infecting systems for six months.
Emotet, which first emerged in 2014 and has since evolved into a full-fledged botnet designed to steal account credentials and download further malware, mysteriously disappeared from February until its recent re-emergence in early August.
On Friday, James Quinn with Binary Defense revealed why: he had developed a killswitch earlier this year, dubbed “EmoCrash,” that exploited a buffer overflow vulnerability found in Emotet’s installation process.
Source: ThreatPost