On June 6th, Proofpoint researchers spotted a new variant of the infamous banking trojan “Emotet” that uses a module to steal credit card information stored in the Chrome browser. This new Emotet botnet is growing rapidly around the world, with over 130,000 infected PCs acting as bots in 179 countries. Back in early 2021, authorities worldwide conducted a joint operation called Operation Ladybird, which shut down the botnet and took control of over 700 compromised servers used as part of Emotet’s botnet infrastructure. Emotet has recently been resurrected and is growing rapidly, mostly due to a new feature that evades detection.
The Emotet trojan can easily be used to drop other malicious code such as Trickbot, or ransomware such as ProLock. For more information about Emotet, see the article from Malwarebytes.