According to recent VMware research, threat actors involved with the infamous Emotet virus are constantly modifying their methods and command-and-control (C2) infrastructure to avoid detection. Emotet is the product of a threat actor known as Mummy Spider (aka TA542), who first appeared in June 2014 as a banking trojan before evolving into an all-purpose loader capable of delivering second-stage payloads such as ransomware in 2016. While the botnet’s infrastructure was shut down in January 2021 as part of a concerted law enforcement effort, Emotet reappeared in November 2021 via another virus known as TrickBot. Read More…