Emotet soars to the top of malware charts in Q1


The latest Threat Information Report from HP Wolf Security shows a 27x increase in detections resulting from Emotet malicious spam campaigns in Q1 2022.

Based on findings from millions of endpoints running HP Wolf Security, Emotet was the most seen malware family in the period, accounting for nine percent of all malware captured.

“Our first quarter data shows that this is by far the most activity we have seen from Emotet since the group was disrupted in early 2021, a clear sign that its operators are regrouping, regaining their strength and investing in the growth of the botnet. Emotet was once described by CISA as one of the most destructive and costly malware to remediate and its operators often collaborate with ransomware groups, a pattern we can expect to continue. Hence its resurgence is bad news for both businesses and the public sector,” says Alex Holland, Senior Malware Analyst in the Threat Research Team at HP Wolf Security. “Emotet also continued to favor macro-enabled attacks, perhaps to get hit before Microsoft’s April deadline, or simply because people still have macros enabled and can be tricked into clicking the wrong thing.”

As macros in Office documents begin to be phased out, HP has also seen an increase in attacks using non-Office-based formats, including malicious Java Archive files (+476 percent) and JavaScript files (+42 percent), compared to last quarter. Such attacks are more difficult for organizations to defend against because detection rates for these types of files are typically low, increasing the chance of infection.

Among other findings, nine percent of threats had never been seen before at the time they were isolated, and 14 percent of isolated email malware had missed at least one email gateway scanner.

The threats used 545 different malware families in their attempts to infect organizations, with Emotet, AgentTesla and Nemucod being the top three. The report shows that 45% of malware isolated by HP Wolf Security used Office file formats, and the most common attachments used to deliver malware were spreadsheets (33%), executables and scripts (29%), files (22%) and documents (11%).

The full report is available on the HP Wolf site.

