New versions of Emotet have been dropping Cobalt Strike beacons directly, rather than relying on intermediate payloads such as Trickbot.
Almost a year after law enforcement disrupted its infrastructure, the Emotet malware has returned.
An uninstall process, pushed out to infected devices as part of the takedown of Emotet by law enforcement, has been triggered to kill the malware.
Police in the US and Europe have disrupted the Emotet botnet, taking over its servers and cutting off communications with infected computers.
The Emotet malware has begun spreading again after one of its periodic breaks, using Christmas and COVID lures.