The Emotet malware botnet is now also using stolen attachments to increase the authenticity of spam emails used for infecting targets’ systems.
This is the first time the botnet has used stolen attachments to add credibility to emails, Binary Defense threat researcher James Quinn told BleepingComputer.
The attachment stealer module code — which also steals email content and contact lists — was added around June 13th, according to Marcus ‘MalwareTech’ Hutchins.
Based on research from the Emotet tracking group Cryptolaemus, the malware now steals attachments of 131072 bytes or smaller together with email contents, to be used later as part of reply chains.
Source: Bleeping Computer