Kenya’s ICT watchdog, the Communications Authority of Kenya (CA), has announced the detection of malware that appears to target network systems. Named Emotet, the malware was identified by the National Computer Incident Response Team Coordination Centre (National KE-CIRT/CC).
The team says that it has detected 11 cases that targeted local institutions, and has engaged them to address the intrusion.
Global institutions that have since been hit by the malware are in the financial sector.
According to security firm Malwarebytes, Emotet is a Trojan that is primarily spread through spam emails. The infection can arrive via a malicious script, macro-enabled document files, or a malicious link. Emotet emails may contain familiar branding designed to make them look legitimate. What’s more, Emotet may try to lure users into clicking the malicious files by using deceptive language about “Your Invoice,” “Payment Details,” or shipping details that a user may perceive as genuine.
Discovered by security researchers in 2014, Emotet has gone through a few iterations. Early versions arrived as a malicious JavaScript file. Later versions evolved to use macro-enabled documents to retrieve the virus payload from command and control servers run by the attackers.
The CA advises the public and organizations that detect an infection by the malware to take the following measures, which also reduce or limit the likelihood of Emotet and similar attacks:
- immediately scan and isolate the infected device from the network
- clean up and patch the system
- consider upgrading their security measures to secure the network from future attacks
- strictly adhere to cybersecurity best practices