Emotet Banking Malware Up 375% Now Targeting Weak Passwords
By: Jim Stickley and Tina Davis
September 11, 2022
It looks like Emotet malware may be coming to a Wi-Fi network near you. Discovered in 2014 as a banking Trojan, Emotet’s malware growth has been aggressive. In the “2020 State of Malware Report,” Malwarebytes found that not only has Emotet been expanding its capabilities over time, attacks jumped 375% in 2019. The report also notes that Emotet detection in the U.S. was the highest in the world in 2019 at 71.6%. Compare that to the next closest country, the United Kingdom, at 23.5%, and the U.S. is in first place in a contest no one wants to win. As the banking Trojan that first aimed at stealing only financial data, Emotet has added stealing personal data, ransomware, and botnets to its growing menu of malware. And now, its brute force attacks against weak Wi-Fi passwords are making headlines for good reason.
Poor passwords are Emotet’s open door to Wi-Fi networks via brute force attacks. These attacks are a type of “password cracking” that uses passwords that have been acquired previously or are known to be common, such as “football” or variations of “1234567890.” Brute force attacks use relentless combinations of usernames and passwords until it hits the jackpot. Emotet also checks how many Wi-Fi networks are in the range of the hacked account. From there, the brute force attacks continue, and the heisted data is sent to a command-and-control server that gathers a master list of hacked Wi-Fi networks. This behavior continues, with every stolen password and username added to the master list, infecting even more devices and more networks moving forward.
Since a weak password is much easier to crack than a strong one, using a unique and fortified password is always recommended for all online accounts. And as researchers have recently discovered, strong passwords are a prerequisite for warding-off an Emotet Wi-Fi attack. In general, hackers love to sit on Wi-Fi networks, hoping to catch a weak password or find a user who’s not paying attention to security. In addition to strong passwords, the option of using a VPN (Virtual Private Network) adds another layer of security to shopping and browsing when you’re away from the security of your home network. Also, always use 2FA (two-factor authentication) when available. When signing into an online account, one version of 2FA sends a randomly generated numerical code to another device such as a smartphone or tablet. From there, the code is needed as the second step to logging-in. Securing your account with 2FA provides a second layer of defense to a strong Wi-Fi network password, so make sure your account is one of them!