Nuspire Discovers Significant Increase In Emotet Activity in Q4 2021

Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q4 2021 and Year in Review Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence partner, Recorded Future

Earlier in 2021 Emotet, one of the most dangerous botnets in the world, was taken down by global law enforcement, which was then followed by a significant drop in Emotet activity. However, in Q4 of 2021, Nuspire security experts witnessed Emotet’s return with the month of December showing activity steadily increasing throughout the month. This increase in activity is due to Emotet rebuilding using TrickBot’s existing infrastructure to grow. This activity will likely continue to increase into 2022. 

Additional notable findings from Nuspire’s Q4 2021 and Year in Review Threat Report include:

  • With even only roughly 21 days in the last month of Q4, exploit attempts against the newly discovered Log4j vulnerability pushed it into 5th place on the most observed exploit attempt list for Q4
  • Compared against 2020, we saw an overall decrease in activity in 2021. 9.25% decrease in Malware Activity, 24.83% decrease in Botnet Activity, and 13.93% decrease in Exploit Activity 
  • XorDDOS was one of the most active botnets Nuspire witnessed within Q3, but prior to that, it was generally quiet compared to others we normally see. It appears that in the beginning of Q4, this botnet has gone back into hibernation, with all activity ceasing by the end of October.

I spoke to Josh Smith of Nuspire and we had a wide ranging conversation that could be summed up in three bullet points:

  • Have a regular patch regime so that you can stay ahead of threats.
  • Threats from threat actors are no longer a large enterprise problem. Smaller companies and consumers are now targets for threat actors as “high value” targets often attract unwanted attention from law enforcement if you are a threat actor.
  • Speaking of threat actors and law enforcement, there seems to be more focus from law enforcement in hunting down threat actors. Which is of course a good thing.

Learn more about protecting your organization from increasing cyber threats and download Nuspire’s Q4 2021 and Year in Review Threat Report.

UPDATE: I now have an on-demand video discussing this report which you can watch here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: