After Germany, Kenya Is Now Dealing with Emotet Malware Infection

According to Communication CAK (Communication Authority of Kenya) Emotet malware has penetrated the East African country, Kenya. All publicly institutions, including the vulnerable banking sector are warned, they need to be alert of any suspicious activities on their network since Emotet is known to target bank-related systems through fake notifications, pretend bank account alerts and convincing email messages.

We last reported about Emotet’s re-emergence as a damaging malware in the wild on Nov 17, 2018, at that time targeting European computers, most especially Germany. It seems like it found its way into African territory, with Kenya being on its crosshairs. As of this writing there were already 11 incidents of infection recorded in Kenya by its National Computer Incident Response Team Coordination Centre, most of the cases were lured in clicking the malicious genuine-looking payment invoices and fake shipping transactions.

“It can evade typical signature-based detection and has several methods for maintaining persistence, including auto-start registry keys and services,” explained Tom Olwero, CAK’s Director General.

There were even incidents where the malware was spread through fake Paypal transactions, with the unsuspecting user filling-up a pretend form which demands for their username and password credentials. People who falls for these schemes are heavily at risk with identity theft, the modus operandi of stealing user’s data through deception and using the stolen data for the threat actor to disguise itself as the original owner.

Additionally, Emotet malware can collect information about a victim’s colleagues and acquaintances stored in the computer. This information can be used in turn to conduct attacks on those acquaintances. Email can be used to find a circle of friends, and shared email domains may indicate coworkers. Such information can be used to conduct highly targeted social engineering attacks on people who have a relationship with the first victim.

Kenya is not unique in any way with regards to virus infiltration, as the 3rd quarter of 2018 had a record of 3.8 million incidents of IT issues, which is a record breaking increase from just 3.4 million cases in the 2nd quarter of 2018.