It is a kind of Swiss army knife of attack programs: The Trojan is used Emotet currently for a whole range of attacks to private users and companies. Of were spying on Bank Accounts to blackmail with encrypted data, everything is possible, warns already, the Federal office for information security (BSI). We explain what makes Emotet so dangerous – and how you can protect yourself.

The Trojans come, first via e-Mail on the computer. After Emotet at the end of last year with a large-scale campaign on good fake Mails spread that were supposedly from friends or colleagues, spreading it currently, especially about the alleged shipment confirmations from Amazon. If you click on a Link that loads a malicious Word file on the computer. And Emotet his work begins.

+++ read also: The Avira-chief, explains in this Interview why the danger by virus and Trojan> will only get worse +++

pest “Lojax”

Undeletable: These Trojans can be removed a hard drive swap

By Malte Mansholt, The power Emotet so dangerous

The greatest danger of Emotet is the extremely high versatility, and is, therefore, also the experts from G-Data, warn. Thus, on some days up to 200 new variants of the Trojan would be discovered, even on quieter days, according to a blog post, yet a good 25, new. The high frequency of new variants anti-virus programs presents a challenge.

That Emotet as soon widely used, is due to the fact that the Trojans bring their own Spam module. The reads the contacts of the user, and further spread the fake emails so be on the lookout for new Victims. A classic snow ball System.

Kaspersky spied for the NSA

antivirus as a bug: The familiar enemy

By Malte Mansholt So you protect yourself from Emotet

luckily, you can protect yourself fairly easily in front of the Trojans, is G-Data. The pure Open the Word message is not enough, therefore, to install the pest. He is hidden in a Macro that start when you Open the mail will be attempted. Only when the user agrees to the execution of a so-called “active content”, can Emotet get started. Therefore, he tried to move his Victims with various Tricks for the decisive click, for instance by claiming that the file would have been created with an Online Version of Word, or there were problems due to the used Version of Office.

the users of Deny but the click does not run the Macro and Emotet access to the computer is denied. G Data recommends to prohibit the Office program, the automatic execution of macros. For instructions, see this page from Microsoft. For more General tips on how you can against Trojans protect, you will find in this Text.

Already infested? You need to do

Nasty pest

A Virus sets Amazon’s Fire TV is lame – behind

Is infected, the computer already, you should act immediately. The first step is to take the computer from the Internet. Then you should warn all the contacts saved in the PC in front of a possible attack on your E-Mail address. In the next step, it is recommended to change at all on the affected machine stored or used account instantly, the password, of course, from another device.

Then the hardest step: According to the BSI, it is recommended that the infected computer once completely reinstalling, to deleting everything and re-install Windows. Will recorded data from a Backup, it should be checked, the computer immediately afterwards with an anti-virus program.

source: , BSI, G-Data, Bleeping computer, German craft newspaper


The dumbest blackmail Trojan of all time – and the most dangerous

When a blackmail Trojan locks the computer, breaking the user to quickly panic. In the case of a new copy that is more than appropriate because the malicious program is doing through his stupidity a lot of damage.

By Malte Mansholt