TT-CSIRT-410.9.11.22: New Emotet Malware Campaign

TT-CSIRT-410.9.11.22: New Emotet Malware Campaign

Emotet is back again with a new campaign displaying many characteristics of older campaigns. Cisco Talos has observed an increased activity of spam distributing this new strain beginning in early November 2022, and the volume of spam and Emotet infrastructure has been increasing since then to target multiple geographies around the world.


Emotet is a Trojan that is primarily spread through spam emails. The infection may arrive either via malicious script, macro-enabled document files, or malicious link. Emotet emails may contain familiar branding designed to look like a legitimate email. Emotet may try to persuade users to click the malicious files by using tempting language about “Your Invoice,” “Payment Details,” or possibly an upcoming shipment from well-known parcel companies.


TT-CSIRT encourages users and administrators to review the following releases and take the necessary precautions:


TT-CSIRT can provide cyber security awareness training to your organization at no cost. For more information please reach out via our contact form.