The threat group attacks networks and rents out access to other groups, such as crypto-miners, banking trojans and ransomware. The most wanted malware returned after a five-month hiatus in mid-July 2020. As a matter of fact, the malware group did stop its campaign for some time, almost a year after the bug-hunting group started sharing information. Quinn wanted to enhance the effectiveness of the killswitch so that it could pre-empt an Emotet attack. His second version exploited a simple buffer overflow discovered in Emotet’s installation routine, which caused Emotet to crash during installation, before the malware could drop itself to the normal Emotet install locations, thus completely preventing malware installation.
Source: The Hindu August 26, 2020 07:59 UTC