Emotet first appeared as a standalone banking trojan during the summer of 2014, using customized spam emails to compromise hosts and steal banking credentials along with other sensitive information. After a short hiatus over the summer of 2019, Emotet re-emerged in September with a new spam campaign using social engineering techniques.
Ramnit is a parasitic virus that infects Windows PE executable files and has worming capabilities that allow it to spread to removable media and create shortcuts pointing to copies of the malware. Ramnit can infect HTML files by injecting them with VBS code. Users who later access the HTML files are infected with the virus.
Upatre, first discovered August 2013, usually spreads through spam emails that contain infected file attachments. These emails often pose as invoices or voicemail message notices. This malware can also be encountered through attached password-protected archives or installed drive-by through infected website links.
Want to learn more about the cross-platform APT espionage attacks that targeted mobile devices while remaining undetected for nearly a decade? Download our Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android research report.