~ Update January 28, 2021 ~

We have learned that the Emotet malware has just been dismantled in an international operation.
Indeed, after infecting several hundred thousand machines worldwide since 2014, Emotet has been defeated.

A verification tool is available to check whether your email address has been compromised.

Emotet dismantled

A few weeks ago, we warned you to be on the lookout: a resurgence of the Emotet malware had been detected in Switzerland in recent days. As a reminder, this virus, which was usually used against players in the banking world, contains a dangerous Trojan horse.

Malicious e-mails impersonate Swiss public authorities or cantonal police departments, so beware if you receive e-mails from the police or banks.

The attachment, at the origin of the impersonation, may be a password-protected ZIP file containing a malicious Word document, or simply a download link.
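A mail gateway or triage script can flag this delivery pattern, since a content scanner cannot inspect an archive without its password. The following Python sketch is an added example, not part of the original article: it reports ZIP attachments that contain encrypted entries. The function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ENCRYPTED = 0x1  # ZIP general-purpose flag bit 0: entry is encrypted


def encrypted_zip_attachments(raw_email: bytes) -> list[str]:
    """Return the names of ZIP attachments holding at least one encrypted entry."""
    msg = message_from_bytes(raw_email, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        # Judge by content, not by file extension or declared MIME type.
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            # Listing entries only reads the central directory; nothing is extracted.
            if any(info.flag_bits & ENCRYPTED for info in zf.infolist()):
                flagged.append(part.get_filename() or "(unnamed)")
    return flagged


def sample_email(encrypted: bool) -> bytes:
    """Constructed sample: a message carrying a one-entry ZIP attachment."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.doc", b"constructed placeholder, not a real document")
    data = bytearray(buf.getvalue())
    if encrypted:
        # Mark the entry as encrypted in the central-directory header
        # (the flag field sits 8 bytes after the PK\x01\x02 signature).
        data[data.find(b"PK\x01\x02") + 8] |= ENCRYPTED
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attachment.")
    msg.add_attachment(bytes(data), maintype="application",
                       subtype="zip", filename="documents.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    print(encrypted_zip_attachments(sample_email(encrypted=True)))
```

A flagged message is a candidate for quarantine or manual review rather than proof of infection, since legitimate senders also use password-protected archives.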

What you need to know

As this malware is polymorphic, antivirus solutions have difficulty detecting it, and the default configuration of the Microsoft tenant is unfortunately not able to protect against it.

Only more advanced protection solutions can protect against certain variants.

In a full-cloud configuration, malware propagation is weaker, but still possible.

Our recommendations in the event of cyberthreats

Communicate with your customers, users and colleagues to inform and raise awareness of good safety practices.

Check the validity of the e-mail you receive and the sender.
If there are any attachments, do not open them if they are suspicious, even if your computer is equipped with anti-virus software.

Check that the sender is reliable and has not himself been compromised (check that the name displayed corresponds to the sender’s real name).

When faced with such a message, do not open the attached file and place the email in your spam (junk mail) folder or in the trash.

If it’s already too late and you have opened the attachment, alert your network administrator and immediately disconnect your computer from the network, then switch off the device.

A reminder of one of the modus operandi of the Emotet attack

The purpose of the Emotet malware is to install the Ryuk ransomware across an entire network, with the aim of encrypting as much sensitive data as possible and thus holding victims to ransom.

Swiss Emotet malware

(Source: GovCERT.ch)

If you would like or need any help in this area, please do not hesitate to contact our experts.