After being dormant for over four months, the Emotnet botnet, one of the most prominent cybersecurity threats of today, has returned.
During the time the botnet was offline, the command and control servers were offline, so the bots were not receiving any instructions on what to do next.
As of recently, however, the email spam campaigns linked to the botnet, have once again been brought to life.
Inside these emails, you’ll find malware-infected attachments or links to malware downloads.
Polish and German-speaking users seem to be the primary targets.
Those who have been infected suffer the fate of having their computers added to the botnet.
Once infected, the computer will download other malware without the user’s knowledge.
The infected computers can infect other computers on the network, extract passwords from local apps and send spam emails.
In addition, other hackers with access to Emotnet can drop their own malware on the infected computers, the package that’s served as Malware-as-a-Service.
With that said, cybersecurity researchers are not surprised to see Emotnet’s return.
As so often happens to be the case, botnets can go down for months on end, and this can happen due to various different reasons.
Some go down due to upgrades, while others go down because their operators take a vacation.
In any case, the reason why Emotnet went down is still unknown.
At the time, nothing was heard about it; however, other botnets have continued their operations just as they normally would.