The Emotet Trojan leads the ranking of cyber threats . It has regained number one in the traditional Global Threat Index published by Check Point, as can be seen in the July 2020 edition. And it does so after five months of absence .

Emotet started out as a banking Trojan, but over time it has evolved and has become a distributor of other malicious programs. It is distributed with the help of email attachments and link with suspicious intentions. In July, for example, Emotet led malspam campaigns that infected its victims with viruses such as Trickbot and Qbot , stealing bank credentials. Some campaigns contained files that launched a PowerShell to extract the Emotet binary from the pages remotely and infect computers, which then became part of the botnet . Added to this is his ability to use different evasion techniques.

Emotet impacted 5% of companies globally in July. In Spain , the percentage of companies affected was almost three times higher, reaching 14.15%.

“It is interesting that Emotet was inactive for several months earlier this year, repeating a pattern that we first observed in 2019. As a consequence, it is possible to assume that the developers behind this botnet they were updating their features and capabilities, ”says Maya Horowitz, director of Check Point’s Threat and Product Intelligence and Research Group.

Horowitz refers to the fact that Emotet’s activity began to subside in February, until it ended up being diluted . This Trojan had been lost track of until last month when it appeared in new broadcast campaigns.

In 2019 stopped its activity during the summer for return to the load in September to immediately become the most searched malware in Spain. After that, ended the year at the top.

This reactivation “implies that companies must teach their employees the keys to detect the types of malspam that these threats carry, as well as warn them about the risks of opening email attachments or click on links from external sources, ”Horowitz warns. «All this, moreover, must be accompanied by the deployment of antimalware solutions that can prevent this type of content from reaching users.»

Emotet returns to the present at a time when remote communications and the use of email is intensifying with companies’ commitment to teleworking to promote social distancing and combat the coronavirus pandemic.