You may have heard about Emotet in the news. What is it: Ancient Egyptian king, your teenage sister’s favorite emo band? We’re afraid not.
The Communications Authority of Kenya (CAK) has warned the public and local institutions of a destructive malware targeting network systems called ‘Emotet’.
According to CAK, The National Computer Incident Response Team Coordination Centre has already detected 11 cases in which the virus targeted local institutions and has been in touch with the institutions on the matter.
In a statement issued on Monday, CA Director General Tom Olwero said the malware, Emotet, is an advanced and destructive banking Trojan affecting network systems.
“It can evade typical signature-based detection and has several methods for maintaining persistence, including auto-start registry keys and services,” said the General Olwero.
The Emotet banking Trojan was first identified by security researchers in 2014. Emotet was originally designed as a banking malware that attempted to sneak onto your computer and steal sensitive and private information. Later versions of the software saw the addition of spamming and malware delivery services—including other banking Trojans.
Emotet uses functionality that helps the software evade detection by some anti-malware products. Emotet uses worm-like capabilities to help spread to other connected computers. This helps in distribution of the malware. This functionality has led the Department of Homeland Security to conclude that Emotet is one of the most costly and destructive malware, affecting government and private sectors, individuals and organizations, and costing upwards of $1M per incident to clean up.
What is Emotet?
Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious script, macro-enabled document files, or malicious link. Emotet emails may contain familiar branding designed to look like a legitimate email. Emotet may try to persuade users to click the malicious files by using tempting language about “Your Invoice,” “Payment Details,” or possibly an upcoming shipment from well-known parcel companies.
On December 19, 2018 the Communications Authority of Kenya said that the number of cyber-attacks in the country grew to 3.8 million between July and September.
During the quarter, the National Cyber Centre (NCC) detected over 3.8 million cyber threats, which was an increase from the last quarter where 3.4 million threats were detected.