"Emotet Malware Attacks Return after Three-Month Break"

After a three-month hiatus, the Emotet malware operation is once again sending out malicious emails, rebuilding its network, and infecting devices. Emotet spreads via email attachments of malicious Microsoft Word and Excel documents. When the documents are opened and macros are enabled, the Emotet DLL is downloaded and loaded into memory. Once loaded, Emotet waits for instructions from a remote command-and-control (C2) server. Eventually, the malware captures victims' emails and contact information for use in future Emotet attacks, or it may download additional payloads, such as Cobalt Strike or other malware that typically leads to ransomware attacks. In the past, Emotet was considered the most widely distributed malware, but its distribution has gradually declined, and its last spam activity was observed in November 2022. However, Cofense and Cryptolaemus have warned that the Emotet campaign has resumed sending malicious emails. This article continues to discuss the reemergence of the Emotet malware operation.

Bleeping Computer reports "Emotet Malware Attacks Return after Three-Month Break"
