The new variant can exfiltrate emails for a period going back 180 days, en masse.
A large-scale spam campaign has launched, spreading the Emotet banking trojan. Worryingly, the offensive has launched about a week after a fresh module for mass email-harvesting was detected for the malware.
Emotet is technically a banking trojan, but it’s most often used as a dropper for a variety of secondary payloads (including TrickBot, Zeus Panda Banker, IcedID and other malwares), with credential-stealing, network propagation, sensitive information harvesting, port forwarding and other capabilities. It has a flexible, modular architecture, which, when combined with its persistence and worm-like method of rapid self-propagation throughout networks, makes it a considerable threat.