A sophisticated malicious computer virus is currently affecting everyday New Zealanders as well as large organisations. This malware, known as Emotet, is being spread through attachments or links in emails and there has been a recent surge of increasingly sophisticated malware attacks.
Once someone opens the attachments or links in the email, the malware gains access to their email account and can send emails out to their contact list to keep spreading the malware.
CERT NZ, the government agency which supports organisations and individuals affected by cyber security incidents, says the virus has the potential to cause widespread disruption, and loss of revenue and data.
According to intelligence received by CERT NZ, approximately 800 New Zealanders have been affected by this malware that spreads “quickly and (is) continually evolving globally.”
The virus, Emotet, installs malicious software (malware) onto a computer without the owner knowing, and the attack is typically financially motivated. Once the attacker has gained entry to your computer the malware steals login details, sends fake invoices to businesses customers, or even blocks access to your files and demands money to get it back.
The virus can affect computers that use Windows, and it is a concern for businesses as it can deploy further malware that may enable ransomware attacks – such as those affecting the healthcare sector in the United States. This ransomware – known as Ryuk – encrypts the affected individual’s or organisation’s data and holds it for ransom.
The infection starts when someone clicks on a link or attachment sent in an email. Not only does the person’s device become infected with malware, the virus also accesses and sends infected emails to the person’s contact list – continuing the cycle. This is how the virus is able to spread so effectively.
“The tricky thing is these malicious emails often don’t come from spam email addresses, which is usually a sign that an email is suspicious,” says CERT NZ’s Deputy Director, Declan Ingram.
“As the cyber attacker has access to someone’s contact list, the email is sent from a person you know and could even be interspersed into an email conversation thread you’re having with them, making them hard to identify. That’s why it’s extremely important to have up-to-date antivirus software on your computer.”
Importantly, because the malware has access to your computer it will have all your account login credentials and passwords, which could include things like online banking.
CERT NZ has issued an alert on its website with information on what to do if you have been affected and how you can best protect yourself from a virus like this. You can find this here.