Emotet Exposed: A Look Inside the Cybercriminal Supply Chain

Emotet is considered one of the most evasive and destructive malware delivery systems ever deployed, successfully leveraging various tactics and techniques to maximize its infection rate. With telemetry from VMware Contexa, the VMware Threat Analysis Unit (TAU) has observed new waves of Emotet attacks providing insight into the exploitation chains and inner workings of the deployed botnets. This report reveals Emotet’s ability to: • Quickly morph its C2 infrastructure • Obfuscate its configuration • Adapt and test its evasive execution chains • Deploy different waves with different attack vectors • And laterally propagate and evolve numerous tactics and techniques While the TAU team has exposed these tactics, they counteract their discovery by providing strategies for security and networking teams to mount a more ironclad defensive barrier against these botnets. Download the report to learn more.