This new Trojan recently discovered, puts the security of our computers in high risk.
The novelty of this new “infection”, is that until now, all the threats that existed had a common characteristic and that was that they needed the collaboration of the user to be able to spread.
Whether it is through an email or the use of a messaging application or a social network, a Trojan, helped by the ignorance of the users, could easily get into our computers.
However, not content with these, the criminal minds behind the creation of these threats, made Emotet go one step further, as now this Trojan can infect any computer that is connected to the same Wi-Fi network without the need for the involuntary help of any person.
Emotet, the new owner of Wi-Fi
In Defense Binary they explain how this new threat works. To achieve its objectives, this Trojan takes advantage of the wlanAPI interface so that it tries to identify all the Wi-Fi networks at the same point in order to try to spread through them by infecting all the connected devices.
When the Trojan enters a system, it starts to list the different wireless networks that this computer has access to using wlanAPI.dll calls, which is the protocol that allows you to manage wireless network profiles and wireless network connections. Wlanapi.dll arrived with Windows Vista in 2006 and has since become part of Windows 7, Windows 8, Windows 8.1, and Windows 10.
Emotet uses brute force to try to discover the authentication and encryption system to access the connection. In that order of ideas, the Trojan takes advantage of the fact that there are many users who still use simple passwords or even factory default ones. Every time Emotet breaks into a new network, it stores the information from each newly discovered network and thus increases its data as it expands. That’s why now more than ever it’s important to change router and network access data using complex passwords that are not easy to guess.
If you want to know if your computer has been infected with Emotet, you can download EmoCheck which is a tool to check if you are at risk from this trojan. EmoCheck and is accessible from the CERT Japan GitHub repository.
Finally, it is incomprehensible how humans often use their intelligence to cause harm to others. If all that knowledge used by the creators of viruses, Trojans, malware and all the countless threats on the Internet were used to do something positive and productive for humanity, we would surely live in a much better world.