
BlackBerry : Prevents Updated Emotet

01/12/2022 | 12:36pm EDT

Following efforts by law enforcement agencies worldwide to shut its operations down around early last year, Emotet came back online on Nov. 15, 2021, with only the subtlest of makeovers. It didn't take long before this threat group was back up to its usual shenanigans of spamming victims, using malicious Microsoft® Word documents and links to infect users.

How Emotet and Trickbot Work Together

Since its reappearance, the notorious Emotet malware has been observed being dropped by the Trickbot malware family, in an apparent effort to reconstitute Emotet's botnet base.

This isn't the first time the two malware families have been seen colluding. Previously, Emotet was observed installing Trickbot on infected machines. It now would appear that Emotet has turned to its established business partner Trickbot for assistance in gaining back some of what was lost in the police action that dismantled Emotet's global botnet network.

To see how BlackBerry prevents Emotet attacks from occurring, check out the following video, and watch BlackBerry go head-to-head with a live sample of Emotet.

DEMO VIDEO: BlackBerry vs. Emotet

Learn more about Emotet in our latest deep-dive blog, Threat Thursday: Emotet Update.

Why is Emotet Important and Why Should I Be Concerned?

The Emotet group has historically used a combination of malicious Office documents and URLs in its email campaigns to infect its victims. This gives it a wide reach in the business world, as it can easily infect users who regularly use these kinds of documents in their day-to-day work. Since its return, little has changed in the threat group's use of these documents to spread chaos, as using spiked Office documents is still an easy and effective attack technique.

While there haven't been any significant changes to the malware, or to the techniques it uses to infect new machines, it's likely Emotet is now setting the stage for future actions. Based on that assumption, the threat actors behind Emotet will likely spend the coming months focused on reestablishing the malware, and growing by collecting infected machines to use for further spam campaigns.

It's also entirely possible that future steps in Emotet's onward march could include deploying ransomware or other malware families to the infected machines under its control.

Demo Video: BlackBerry Stops Emotet

The video above demonstrates the different countermeasures that BlackBerry® Cyber Suite provides to protect your environment against the newest version of the Emotet Trojan.

The Emotet group uses a combination of malicious Office documents and URLs to infect its victims. As an example for our demo video, we have a sample of a malicious Emotet document.

Figure 1: Malicious Emotet document sample, with BlackBerry Optics set to "Audit Only" mode

We have configured our machine by setting BlackBerry® Optics to "Audit-Only" mode to allow the Emotet macro to run. In the background, you can see that Emotet executes a heavily obfuscated PowerShell script that, once decoded, iterates through a list of malicious URLs to download the actual Emotet loader.

Figure 2: Emotet malicious payload detected in milliseconds by BlackBerry

Figure 3: BlackBerry Optics alert that a malicious exploit has been found

BlackBerry Optics is able to detect all the steps taken by this threat, from macro execution to the download of the actual loader, along with the encoded PowerShell script. Using "Focus" data from BlackBerry Optics, we can conduct even deeper root-cause analysis on each one of these stages.
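The chain described above (an Office macro launching an encoded PowerShell script that carries a list of download URLs) can also be hunted for in ordinary process-creation telemetry. The sketch below is an added example, not BlackBerry's code and not how BlackBerry Optics works; the event field names (`pid`, `parent`, `image`, `cmdline`), the list of Office parents, and the sample events are assumptions constructed for illustration.

```python
import base64
import re

# Office applications whose macros can launch the script stage (assumed list).
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe"}
FLAG = re.compile(r"(?i)(?:^|\s)[-/](\w+)\s+([A-Za-z0-9+/]{16,}={0,2})")
URL = re.compile(r"https?://[^\s'\",;)]+")

def decode_encoded_command(cmdline):
    """Return the decoded script if cmdline carries -EncodedCommand, else None."""
    for m in FLAG.finditer(cmdline):
        flag = m.group(1).lower()
        # PowerShell accepts -ec and any prefix of -EncodedCommand (-e, -en, -enc, ...).
        if flag == "ec" or "encodedcommand".startswith(flag):
            try:
                # The argument is Base64 over UTF-16LE text.
                return base64.b64decode(m.group(2), validate=True).decode("utf-16-le")
            except ValueError:  # malformed Base64 or truncated UTF-16
                return None
    return None

def find_office_powershell(events):
    """Flag PowerShell started by an Office parent; list URLs in the decoded script."""
    hits = []
    for ev in events:
        if ev["parent"].lower() not in OFFICE_PARENTS:
            continue
        if ev["image"].lower() not in {"powershell.exe", "pwsh.exe"}:
            continue
        script = decode_encoded_command(ev["cmdline"]) or ""
        hits.append({"pid": ev["pid"], "urls": URL.findall(script)})
    return hits

# Constructed sample: an inert script that only assigns a URL list (reserved .example names).
SAMPLE_SCRIPT = "$urls = 'http://site-a.example/loader','http://site-b.example/loader'"
SAMPLE_B64 = base64.b64encode(SAMPLE_SCRIPT.encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    {"pid": 4120, "parent": "WINWORD.EXE", "image": "powershell.exe",
     "cmdline": "powershell.exe -NoP -W Hidden -enc " + SAMPLE_B64},
    {"pid": 5332, "parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -ExecutionPolicy RemoteSigned -File C:\\Tools\\inventory.ps1"},
    {"pid": 6010, "parent": "WINWORD.EXE", "image": "splwow64.exe",
     "cmdline": "splwow64.exe 8192"},
]

if __name__ == "__main__":
    for hit in find_office_powershell(SAMPLE_EVENTS):
        print(hit)
```

Only the direct parent is checked here; a chain that passes through an intermediate process such as `cmd.exe` needs the ancestry walked one level further.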

Alternatively, we can enable an automated response, so that BlackBerry Optics stops this attack at its first stage.

Figure 4: BlackBerry Optics shows a deep dive into the threat, including actions taken by the threat, and the full event timeline

In addition to this, BlackBerry® Gateway can identify all of Emotet's command-and-control (C2) communication attempts, and effectively prevent the malicious loader from being downloaded.

Figure 5: BlackBerry Gateway prevents Emotet's C2 communication

And last but not least, BlackBerry® Protect can prevent this attack in milliseconds, using either memory protection or script control to block the malware from executing in real time, so your endpoints and infrastructure stay Emotet-free.

Figure 6: BlackBerry Protect blocking Emotet in real time, pre-execution.

Our Prevention-First Philosophy

At BlackBerry, we take a prevention-first and AI-driven approach to cybersecurity. Putting prevention first neutralizes malware before the exploitation stage of the kill chain.

By stopping malware at this stage, BlackBerry solutions help organizations increase their resilience. This also helps to streamline security management, ensuring your business, people, and endpoints stay secure.

Prevention is possible, with BlackBerry.

About Hector Diaz

Product Marketing Manager, Latin America & Caribbean, BlackBerry Spark Division

About The BlackBerry Research & Intelligence Team

The BlackBerry Research & Intelligence team examines emerging and persistent threats, providing intelligence analysis for the benefit of defenders and the organizations they serve.



BlackBerry Ltd. published this content on 10 January 2022 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 12 January 2022 17:35:00 UTC.
