Just in time for the end of the year, the number of attacks with the most dangerous malware in the world is steadily increasing – Emotet. The experts from the Hornetsecurity Security Lab have been able to observe a particularly conspicuous campaign since December 19, 2019.

Cyber-criminals are sending emails in the name of an alleged supporter of climate activism, Greta Thunberg. Greta and the climate strikes initiated by her, have been causing a stir for a year now. The Fridays For Future Movement, which she founded, has become a global climate protection movement and has received a lot of media attention over the previous months.

Hackers also take advantage of the debate about Greta. The Hornetsecurity Security Lab has intercepted emails in which cyber-criminals ask the recipients for support in a large demonstration for climate protection. The time and address of the global strike can allegedly be found in the attached file.

As soon as the recipient opens the attachment, an encrypted document appears. The user is prompted to activate the editing and content of the document. Following this instruction, a macro is executed that downloads the malicious malware.

Emotet remains technically unchanged

The cyber criminals have once again shown great creativity in the design of their campaign, but the Security Lab was able to determine that the malware hasn’t really changed technically.