Previously described as “the world’s most dangerous malware” before being shut down by law enforcement and judicial authorities in January 2021, the Emotet botnet has now returned. In this blog post, we outline its current attack methods and the key questions organisations should ask to protect themselves.

Defending against loader-type malware is crucial to avoid a potential ransomware incident, given the fact that is the foothold of the attack kill-chain related to ransomware tactics, techniques and procedures (TTPs). Two of the most recent malware loaders to emerge are SquirrelWaffle and MirrorBlast. While SquirrelWaffle delivers Cobalt Strike payloads to victims, MirrorBlast uses novel techniques to gather intelligence and drop malicious payloads onto devices.