home.aspx
 
. https://blog.luminate.io/why-network-level-access-is-critical-for-attackers
blog article
WHY NETWORK-LEVEL ACCESS IS CRITICAL FOR ATTACKERS
In recent months, we’ve seen a new trend where malware is used to load and distribute other types of threats like ransomware, trojans, backdoors etc. Malware distribution as a service. One recent example of this was when attackers used the Emotet malware family as a distributor to circulate highly targeted ransomware named Ryuk across multiple organizations (here’s more on the Ryuk ransomware). The group behind Emotet, Mealybug, has taken the business model of selling a malware distribution platform to the highest bidder. Emotet malware has now deployed multiple types of malware including the IcedID banking trojan, trickbot as well as various forms of ransomware. For the attackers, one of the main benefits of the Emotet malware is that it contains network worm capabilities (similar to WannaCry and Petya/NotPetya) that distributes the product across the corporate network to other endpoints as well as to servers. READ MORE