The HHS Cybersecurity Program issued a warning June 2 about the dangerous malware Emotet, which is responsible for a majority of malware infections at healthcare organizations.
First detected in 2014, Emotet, which is primarily delivered via email, is considered to be one of the most dangerous malware variants, infecting 1 in 5 organizations worldwide.
Four things to know about the threat:
- The malware includes a dropper for delivering other malware variants and is offered to other cybercriminal groups under the infrastructure-as-a-service model.
- Eighty percent of malware infections at healthcare organizations involved Trojans, and Emotet was the most common Trojan deployed in attacks on the healthcare sector.
- Emotet is operated by the Mummy Spider threat group.
- The U.S., Canada and Europe successfully took down the Emotet infrastructure in January 2021 and removed the disabled malware from infected devices in April 2021, but the cybergroup began rebuilding Emotet in November 2021, and Emotet now consists of 246 systems.