Emotet: a site to check if an email address or domain has been targeted
A free service, haveibeenEMOTET, lets you check whether an email address or a domain name has been involved in a malicious Emotet spam campaign.
Emotet malware has been talked about a lot since it resumed activity over the summer. So much so that it is considered one of the most dangerous threats in the world today. This modular infrastructure, operated as a service, allows the distribution of malicious payloads of various kinds, such as ransomware.
Emotet's comeback took place via phishing and malicious spam campaigns, with emails containing a URL or an attachment leading to booby-trapped Word documents. A macro executes the payload, which then communicates with command-and-control servers.
Last month, the National Agency for Information Systems Security (ANSSI) published an alert bulletin about an upsurge in Emotet activity in France, targeting companies and administrations. ANSSI highlighted in particular phishing campaigns and a technique of hijacking email discussion threads.
We are pleased to announce our new free service “Have I Been Emotet?”.
You can check if your email / domain is involved in #Emotet malspam. @LawrenceAbrams @Cryptolaemus1 @campuscodi @securityaffairs @arturodicorinto – TGX102, October 1, 2020
In the manner of Have I Been Pwned? for data leaks, the haveibeenEMOTET site lets you check whether an email address or a domain name has been involved in a malicious Emotet spam campaign.
Where applicable, the result specifies the role of the address: recipient of Emotet spam (recipient) or sender (real sender; after compromise). For fake sender, the email address was spoofed by forging the message header in order to hide the real origin.
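The fake sender case can also be checked on mail you have received yourself. The sketch below is an added example, not code from haveibeenEMOTET or from this article: it reads the DMARC verdict from the Authentication-Results header stamped by your own mail server and ignores copies of that header written by anyone else. The server name mx.example.net, the function names and the three sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: authserv-id of our own receiving MTA

def domain_of(header_value):
    """Lowercased domain part of an address header, '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def trusted_results(msg, authserv=TRUSTED_AUTHSERV):
    """Map method -> result (spf, dkim, dmarc) from Authentication-Results
    headers stamped by our own MTA; any other authserv-id may have been
    written by the sender and is ignored."""
    results = {}
    for header in msg.get_all("Authentication-Results", []):
        parts = header.split(";")
        ident = parts[0].split()
        if not ident or ident[0].lower() != authserv:
            continue
        for part in parts[1:]:
            tokens = part.split()
            if tokens and "=" in tokens[0]:
                method, _, result = tokens[0].partition("=")
                results.setdefault(method.lower(), result.lower())
    return results

def classify_sender(raw):
    """Return (verdict, From domain) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    dmarc = trusted_results(msg).get("dmarc")
    verdict = {"pass": "authenticated sender", "fail": "fake sender"}.get(dmarc, "unverified")
    return verdict, domain_of(msg.get("From"))

# Constructed sample messages (not real Emotet traffic).
SPOOFED = (
    "Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=bulk.example;\n"
    " dmarc=fail header.from=corp.example\n"
    "From: Accounts <accounts@corp.example>\nSubject: RE: invoice\n\nSee attachment.\n")
INJECTED = (
    "Authentication-Results: mail.other.example; dmarc=pass header.from=corp.example\n"
    "From: Accounts <accounts@corp.example>\nSubject: RE: invoice\n\nSee attachment.\n")
ALIGNED = (
    "Authentication-Results: mx.example.net; dkim=pass header.d=corp.example;\n"
    " dmarc=pass header.from=corp.example\n"
    "From: Accounts <accounts@corp.example>\nSubject: RE: invoice\n\nSee attachment.\n")

if __name__ == "__main__":
    for name, raw in (("SPOOFED", SPOOFED), ("INJECTED", INJECTED), ("ALIGNED", ALIGNED)):
        print(name, classify_sender(raw))
```

An "authenticated sender" verdict only rules out header forgery: mail sent from a compromised mailbox (the real sender case) passes the same checks, so it still has to be judged on its content and attachment.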
BleepingComputer specifies that the database of Emotet emails currently covers the period from August to September 23, 2020, that is, nearly 700,000 emails and more than 2.1 million email addresses.
Have I Been Pwned? has proven to be a trustworthy service (entering your email address … that might make you think twice). For haveibeenEMOTET, that trust has yet to be earned and will require greater openness about the information made available.