A newly discovered variant of the Emotet Trojan can spread between Wi-Fi wireless networks. Emotet relies on brute force and insecure passwords to jump from network to network. Emotet can steal personal information, install ransomware, download other pieces of malware, and form botnets. Luckily, it’s relatively easy to stop by using a good set of passwords.
Emotet gets onto a system by using brute force to find its way onto a network. When Emotet is already on a PC, it looks for Wi-Fi networks within range. It then goes through a precompiled list of passwords that people frequently use. If successful, Emotet then sends the password that worked to a command-and-control server to add it to a master list.
After jumping onto a new network, Emotet scans for Windows devices, uses brute force to get itself onto a device, and repeats the process.
Security firm Binary Defenses discovered Emotet spreading through Wi-Fi networks. The firm summarizes the trojan’s new capability, “Previously thought to only spread through malspam and infected networks, Emotet can use this loader-type to spread through nearby wireless networks if the networks use insecure passwords.”
Luckily, a strong set of passwords is a safe defense against this type of trojan. The analysts at Binary Defense recommend “using strong passwords to secure wireless networks so that malware like Emotet cannot gain unauthorized access to the network.” You can secure your devices and network even further by using network monitoring.
Emotet gets into systems by seeing if frequently uses passwords will connect to a network or device. That means that systems with simple passwords or that use factory-default passwords are at risk.