(unfortunately outdated) Cybernews and other cool stuff

Sophos KB: Resolving outbreaks of Emotet and TrickBot malware

Sophos released a good write-up about EMOTET.

Avoiding EMOTET infections basically comes down to:

  1. Secure all of your machines
  2. Patch early, patch often
  3. Block PowerShell by default


This article is designed to help Sophos customers who have detections for the Emotet or TrickBot malware. While these two malware families are different, often networks infected with one will also have the other as well. This is primarily due to Emotet spreading across a network and additionally downloading TrickBot as it goes. These two threats are very advanced and fast moving, they also use different techniques to achieve their goals and removing both of these involves taking the same actions. In this article, we cover the basic points worth knowing about these threats, how to remove them and how to improve your security to help prevent getting infected again in the future.

The following sections are covered: