What you need to know
- A newly discovered variant of the Emotet Trojan can hop from Wi-Fi network to Wi-Fi network.
- Emotet is a malware that can steal personal information, install ransomware, download other pieces of malware, and form botnets.
- The key to stopping it is a good set of passwords.
A newly discovered variant of the Emotet Trojan can spread between Wi-Fi wireless networks. Emotet relies on brute force and insecure passwords to jump from network to network. Emotet can steal personal information, install ransomware, download other pieces of malware, and form botnets. Luckily, it's relatively easy to stop by using a good set of passwords.
Emotet gets onto a system by using brute force to find its way onto a network. When Emotet is already on a PC, it looks for Wi-Fi networks within range. It then goes through a precompiled list of passwords that people frequently use. If successful, Emotet then sends the password that worked to a command-and-control server to add it to a master list.
After jumping onto a new network, Emotet scans for Windows devices, uses brute force to get itself onto a device, and repeats the process.
Security firm Binary Defenses discovered Emotet spreading through Wi-Fi networks. The firm summarizes the trojan's new capability, "Previously thought to only spread through malspam and infected networks, Emotet can use this loader-type to spread through nearby wireless networks if the networks use insecure passwords."
Luckily, a strong set of passwords is a safe defense against this type of trojan. The analysts at Binary Defense recommend "using strong passwords to secure wireless networks so that malware like Emotet cannot gain unauthorized access to the network." You can secure your devices and network even further by using network monitoring.
Emotet gets into systems by seeing if frequently uses passwords will connect to a network or device. That means that systems with simple passwords or that use factory-default passwords are at risk.
Sean Endicott is the news writer for Windows Central. If it runs Windows, is made by Microsoft, or has anything to do with either, he's on it. Sean's been with Windows Central since 2017 and is also our resident app expert. If you have a news tip or an app to review, hit him up at firstname.lastname@example.org.
So once it has the WiFi password, how does it install onto the network ? Does it infect the WAP or does it brute onto individual devices connected to the network? Does it only affect Windows devices?
Get the best of Windows Central in in your inbox, every day!
Thank you for signing up to Windows Central. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.