Emotet (also known as Heodo) is a banking Trojan that later evolved into a self-propagating worm and built the largest botnet in history out of infected computers around the world.
Its operators currently offer it as a service for the targeted delivery of other cybercriminal groups' malware, following the MaaS ("malicious software as a service") business model.
A distinctive feature of Emotet is polymorphism: the ability to change its program code to evade antivirus detection based on signature analysis.
Emotet was first discovered in 2014.
In 2020, it was used to deliver the TrickBot and QakBot Trojans to target computers.
In 2021, the servers used by Emotet were shut down as a result of a joint special operation by law enforcement agencies of the European Union and Ukraine.
On November 14, 2021, new Emotet samples were discovered being delivered to target computer systems via the TrickBot Trojan. Emotet activity is currently increasing significantly, and the botnet is being revived.