The Australian Cyber Security Centre (ACSC) has warned the public of an ongoing malware campaign involving the Emotet banking trojan.
ACSC head Rachel Noble said that due to the scale of the campaign, the national Cyber Incident Management Arrangements (CIMA) to Level 3 – Alert in response.
The CIMA helps coordinate the government’s response to national cyber incidents. Level 3 falls under the “significant cyber incident” category (pdf), with “major impact” to services, information, assets, government reputation, relationships and/or the community.
Emotet, which was first detected as far back as 2014 in Europe, is a trojan spread through hyperlinks or attachments to phishing emails. The program also makes systems vulnerable to ransomware injections.
”The ACSC is working closely with state and territory governments to limit the spread of this computer virus and to provide technical advice and assistance and to support organisations that are affected,” Noble said.
“Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge.”
Security vendor Malwarebytes detailed the origins and the capabilities of Emotet in a blog post, as well as tips on how to protect users from being infected.
Emotet was first identified as a banking malware that would attempt to steal sensitive and private information, which later evolved with the additions of spamming and malware delivery services—including other banking trojans.
The malware uses software that helps evade anti-malware products as well as worm-like capabilities for distribution.