The malware known as Emotet has emerged as “one of the most prevalent ongoing threats” as it increasingly targets state and local governments and infects them with other malware, the cybersecurity arm of the Department of Homeland Security said on Tuesday.
Emotet was first identified in 2014 as a relatively simple trojan for stealing banking account credentials. Within a year or two, it had reinvented itself as a formidable downloader or dropper that, after infecting a PC, installed other malware. The Trickbot banking trojan and the Ryuk ransomware are two of the more common follow-ons. Over the past month, Emotet has successfully burrowed into Quebec’s Department of Justice and increased its onslaught on governments in France, Japan, and New Zealand. It has also targeted the Democratic National Committee.
Not to be left out, US state and local governments are also receiving unwanted attention, according to the CISA, short for the Cybersecurity and Infrastructure Security Agency. Einstein—the agency’s intrusion-detection system for collecting, analyzing, and sharing security information across the federal civilian departments and agencies—has in recent weeks noticed a big uptick, too. In an advisory issued on Tuesday, officials wrote: