"Emotet Climbs March 2023's Most Wanted Malware List With OneNote Campaign"

According to security researchers at Check Point, the Emotet malware has continued to climb the rankings of Check Point’s Most Wanted Malware List in March thanks to a new campaign relying on spam emails containing a malicious OneNote file.  The threat is now second on the list, one spot up from February’s report.  The campaign responsible for its growth in adoption lures victims to open a malicious OneNote file that installs the malware.  The researchers noted that once installed, Emotet can gather login credentials and contact information to expand the campaign’s reach and facilitate future attacks.  The new technique, according to the researchers, is a result of Microsoft announcing that they were blocking macros from Office files.  The researchers stated that they know that Emotet is a sophisticated Trojan, and it is no surprise to see it has managed to navigate Microsoft’s latest defenses.  The researchers noted that the most important thing people can do is make sure they have appropriate email security in place, avoid downloading any unexpected files, and adopt healthy skepticism about the origins of an email and its contents.

Infosecurity reports: "Emotet Climbs March 2023's Most Wanted Malware List With OneNote Campaign"