The On Again, Off Again Emotet is Now Back On

Emotet campaigns have fluctuated between surging and dormant since the infamous malware returned in November 2022. As of the morning of Tuesday, March 7th, 2023, at 8:00 AM EST, new malicious emails containing Emotet were circulating. The latest campaigns were discovered by security researcher, Cryptolaemus and researchers from Cofense, who have discovered the spam emails are carrying a weaponized Office document. The malicious document contains embedded macros contained within a compressed zip file. After the user accepts the “Enable Content” prompt, the malicious macros execute to retrieve Emotet DLLS from a remote site and execute them on the host machine.