Malware

Emotet malware botnet is back

The Emotet malware botnet is back and running once again, almost ten months after an international law enforcement operation took over its command-and-control servers in January of this year.

  • Once described as the “world’s most dangerous malware,” Emotet worked by sending massive waves of email spam to users all over the world in order to infect them with its malware strain.
  • Once infected, these systems would allow the Emotet gang to download and install additional payloads.
  • On Monday (15.11.2021), several researchers spotted indicators that Emotet has returned.

Over the weekend, security researchers from Cyber[.]wtf spotted that another malware botnet named TrickBot was helping the Emotet gang get back on its feet by installing the Emotet malware on systems that had previously been infected with TrickBot.
The researchers said they used to call this Operation ReachAround, back when Emotet was dropped by TrickBot in the past.
According to Abuse.ch, a member of the team that tracked Emotet in the past, tracking data shows the gap during Emotet's dormant period between January and November 2021, while the group rolled out new command-and-control servers (see Figure).

According to tracking teams, the Emotet gang is not sending out any new email spam but relying on the TrickBot gang to help them create an initial footprint of their new botnet incarnation before ramping up spam operations again.

“It doesn’t seem too large at this time, and we are not seeing active distribution yet,” the white-hat research group said. It remains to be seen if Emotet’s comeback will succeed.
The Abuse.ch group added that blocking the tracked command-and-control servers is strongly advised.

The updated list can be found at:

Microsoft Server

Update or Install missing drivers on Windows Server Core 2016/2019 for free

Install Driver Easy Free from:
https://www.drivereasy.com/download-free-version/

Start DriverEasy from

"C:\Program Files\Easeware\DriverEasy\DriverEasy.exe"

Scan the machine and pick the driver you need from the list and download it.

In the command prompt, cd to folder:

c:\users\<username here>\Appdata\Roaming\Easeware\DriverEasy\Drivers\

To find the driver you just downloaded, type:
dir *.inf /s/b
CD to that directory and type:
pnputil -i -a *.inf

Note: DriverEasy will crash after every single download, as it does not have a GUI to fall back on. Unless you want to spend a lot of time restarting DriverEasy, only bother with the drivers you really need. I usually only bother with storage and network drivers.
Also, if you happen to have Server Core installed on a laptop with integrated hardware such as webcams, these drivers will have issues installing, as the underlying infrastructure is missing.
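
The following PowerShell script is an added example, not part of the original post: it checks the Authenticode signature on each downloaded driver package's catalog file and only then runs the pnputil command shown above. The `-Install` switch and the default `$DriverRoot` (the current user's copy of the folder above) are assumptions.

```powershell
# Added example: review signatures on downloaded driver packages before
# staging them with pnputil. Folder layout and pnputil call follow the article.
param(
    [string]$DriverRoot = "$env:APPDATA\Easeware\DriverEasy\Drivers",
    [switch]$Install   # hypothetical switch: without it the script only reports
)

$report = foreach ($inf in Get-ChildItem -Path $DriverRoot -Filter *.inf -Recurse -File) {
    # An INF names its signed catalog as "CatalogFile = x.cat"; the key may be
    # decorated per platform, e.g. CatalogFile.NTamd64.
    $catNames = Select-String -LiteralPath $inf.FullName `
            -Pattern '^\s*CatalogFile(\.\w+)*\s*=\s*"?([^;"\s]+)' |
        ForEach-Object { $_.Matches[0].Groups[2].Value } |
        Sort-Object -Unique

    $status = 'NoCatalog'
    $signer = $null
    foreach ($name in $catNames) {
        $cat = Join-Path $inf.DirectoryName $name
        if (-not (Test-Path -LiteralPath $cat)) { $status = 'CatalogMissing'; break }

        $sig    = Get-AuthenticodeSignature -LiteralPath $cat
        $status = [string]$sig.Status
        $signer = $sig.SignerCertificate.Subject   # $null when unsigned
        if ($status -ne 'Valid') { break }         # one bad catalog fails the package
    }

    [pscustomobject]@{ Inf = $inf.FullName; Status = $status; Signer = $signer }
}

# Read the Signer column: a valid signature from an unexpected publisher
# is still a reason not to install.
$report | Format-Table -AutoSize -Wrap

if ($Install) {
    foreach ($pkg in $report | Where-Object Status -eq 'Valid') {
        # Same call as in the article, one vetted INF at a time.
        pnputil -i -a $pkg.Inf
    }
    $report | Where-Object Status -ne 'Valid' | ForEach-Object {
        Write-Warning "Skipped (signature status $($_.Status)): $($_.Inf)"
    }
}
```

Run it once without `-Install` to review the report, then again with `-Install` for the packages you accept.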