After a short break, Emotet malware has been observed concealed in documents delivered through emails that pretended to be from financial institutions or disguised as Thanksgiving-themed greetings for employees.
In early October, Emotet activity dropped off the radar, only to come back towards the end of the month with a new plugin that exfiltrates email subjects and 16KB of the bodies.
The new functionality could be used to create better phishing templates, which seems to be the case with the latest campaigns.
Read more…
Source: Bleeping Computer