Emotet Took Down a Network by Overheating All Computers
Microsoft says that an Emotet infection was able to take down an organization’s entire network by maxing out CPUs on Windows devices and bringing its Internet connection down to a crawl after one employee was tricked into opening a phishing email attachment. The Emotet payload was delivered and executed on the systems of Fabrikam — a fake name Microsoft gave the victim in their case study — five days after the employee’s user credentials were exfiltrated to the attacker’s command and control (C&C) server. Before this, the threat actors used the stolen credentials to deliver phishing emails to other Fabrikam employees, as well as to their external contacts, with more and more systems getting infected and downloading additional malware payloads.
Source: bleepingcomputer.com