Pittsburgh, PA (8 March 2023) – The dangerous Emotet malware – a Trojan – is back. Hornetsecurity’s inhouse Security Lab has observed a new emerging Emotet campaign after almost three months of silence.

The latest iteration of Emotet uses very large files to bypass security scans that only scan the first bytes of large files or skip large files completely.

Emotet Example

Emails come with a 600-kilobyte ZIP file containing inflated Word documents (.doc) of over 500 megabytes. When the victim opens the Word document, the Word document downloads a malicious payload (.dll) that is also over 500 megabytes.

Emotet Attachment Example

This new instance is currently running at a slow pace, but our Security Lab expects it to pick up. Emotet emails can look legit, and – even if detected and quarantined by email security systems – users may choose to release them from quarantine. Falling victim to it will help it spread further.

It is therefore essential for administrators to block such emails and to alert users to be on their guard.

Hornetsecurity is protecting its customers against this by rejecting such emails with immediate effect.

Click here to learn more about Emotet.

About Hornetsecurity

Hornetsecurity is a leading global provider of next-generation cloud-based security, compliance, backup, and security awareness solutions that help companies and organisations of all sizes around the world. Its flagship product, 365 Total Protection, is the most comprehensive cloud security solution for Microsoft 365 on the market. Driven by innovation and cybersecurity excellence, Hornetsecurity is building a safer digital future and sustainable security cultures with its award-winning portfolio. Hornetsecurity operates in more than 30 countries through its international distribution network of 8,000+ channel partners and MSPs. Its premium services are used by more than 50,000 customers.


Media enquiries

Please contact us on press@hornetsecurity.com.