2019-131a: Emotet malware campaign

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed an ongoing and widespread campaign of malicious emails designed to spread Emotet across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.
Alert status
HIGH

Emotet provides an attacker with a foothold in a network from which additional attacks can be performed, often leading to further compromise through the deployment of ransomware.

How it works

The Emotet malware appears as a normal or useful file attachment in emails (.doc, .docx, .pdf), but includes hidden code which allows cybercriminals to access and control your devices or computer systems. It can also appear as a website hyperlink in emails.

Emotet malware infects devices or computers if users click on links or open files in these emails, which are sent as phishing emails to make them look like they come from someone you know, or an organisation you deal with.

Once a user account is infected, the malware forwards itself to all the users’ email contacts, increasing the likelihood of further infection.

Was this information helpful?

Thanks for your feedback!

 
Optional

Tell us why this information was helpful and we’ll work on making more pages like it

Icon for ReportReport a cyber security incident for critical infrastructure Icon for becoming a alertsGet alerts on new threatsAlert Service Become anACSC partner Icon for reportingReport a cybercrime or cyber security incident
Acknowledgement of Country icon
Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.
Authorised by the Australian Government, Canberra