"Emotet Can Spread to Poorly Secured Wi-Fi Networks And Computers on Them"
Researchers have discovered and analyzed a malware program that can spread the Emotet Trojan to nearby wireless networks and compromise computers on them. Emotet is one of the most versatile malware threats currently used. The researchers found that after the malware infects a computer that has Wi-Fi capability, it then uses the wlanAPI interface to discover any Wi-Fi networks in the area. If the Wi-Fi networks found require passwords to join, then the malware will try to guess the possible passwords, and if it guesses the passwords correctly, then it will connect to the Wi-Fi network. Once Emotet is on the Wi-Fi network, it will then scan all other computers connected to the same network for any Windows computers that have file sharing enabled. The malware then retrieves a list of all user accounts on those computers discovered and attempts to guess the passwords to those accounts as well as the Administrator account. If the malware can guess the correct passwords, then the malware copies itself to that computer and installs itself by running a remote command on the other computer.