{"id":5846,"date":"2021-11-19T12:05:47","date_gmt":"2021-11-19T10:05:47","guid":{"rendered":"https:\/\/www.retarus.com\/blog\/fr\/comme-dans-un-jour-sans-fin-emotet-fait-son-retour"},"modified":"2024-05-07T19:41:12","modified_gmt":"2024-05-07T17:41:12","slug":"just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks","status":"publish","type":"post","link":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/","title":{"rendered":"Just like \u201cGroundhog Day\u201d: Emotet makes its comeback"},"content":{"rendered":"

In January, Germany’s Federal Criminal Police proudly declared the end of what was supposedly the \u201cmost dangerous malware in the world\u201d: in cooperation with the judicial authorities of seven other countries, it had succeeded in completely dismantling Emotet’s server infrastructure, thereby disabling this devastating Trojan. Sadly, this \u201csevere blow to international organized cybercrime\u201d did not last.<\/p>

When Emotet rises from its ashes<\/h2>

Several cybersecurity experts are currently reporting that computers infected with the TrickBot malware have already begun downloading DLL files over the Internet. These files have been unanimously identified as being linked to Emotet. There is no longer any doubt: the cybercriminals are doing everything they can to bring the botnet back to life so that it regains its original striking power.<\/p>

Well-crafted spam containing rigged Office documents<\/h2>

The new Emotet bots are back in service. They are already sending malicious spam, as confirmed by the security researchers at Cryptolaemus on Twitter. Manipulated files in .docm or .xlsm format and password-protected ZIP files are sent to potential victims. In the past, these emails were relatively well executed: they posed as messages from colleagues or business partners and sometimes even contained excerpts from the recipient’s previous conversations.<\/p>

The importance of comprehensive email protection<\/h2>

As with any other malware, the conclusion is the same: in the medium term, there is no 100% effective protection against Emotet. However, a high-performance email security solution combined with appropriate user awareness training can, in most cases, prevent an infection of the company’s infrastructure, or at least limit the impact of an attack should one occur.<\/p>

As part of its comprehensive CxO Fraud Detection solution, Retarus relies on a combination of various algorithms that identify \u201cFrom-Spoofing\u201d and \u201cDomain-Spoofing\u201d in order to prevent Business Email Compromise. Emails from forged sender addresses (for example, those matching managers within a company, which Emotet also exploits) are thus recognized and filtered out before they can be delivered.<\/p>

Emotet, the chameleon malware since 2014<\/h2>

Emotet is one of the most \u201csuccessful\u201d Trojans in recent computing history and serves, among other things, as a door opener for ransomware. According to estimates, the malware has caused at least 14.5 million euros in damage in Germany alone. Emotet was first \u201cdiscovered\u201d in 2014 and has kept transforming ever since. To ensure optimal protection that takes these increasingly sophisticated variants into account, Retarus relies on its patented Postdelivery Protection mechanism Patient Zero Detection. The solution detects malware and dangerous hyperlinks even in emails that have already been delivered, as soon as the corresponding patterns are available.<\/p>

In addition, thanks to the modular design of its comprehensive Secure Email Platform, Retarus fully covers all components of the communication channel. A plan B remains possible, for example when, despite all precautions, the company’s email infrastructure is blocked. With Email Continuity, companies and their employees retain an alternative way to access their business email communication at all times. Invaluable!<\/p> ","protected":false},"excerpt":{"rendered":"

The dismantling of Emotet’s infrastructure was, sadly, short-lived. The bots are once again busily sending \u201cwell-crafted\u201d emails from supposed colleagues.<\/p>\n","protected":false},"author":12,"featured_media":5847,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[8,15],"tags":[102,3618,509],"dipi_cpt_category":[],"class_list":["post-5846","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-security","tag-email-security","tag-emotet","tag-malware"],"acf":[],"yoast_head":"\nComme dans "Un jour sans fin" : Emotet fait son retour - Retarus Corporate Blog - FR<\/title>\n<meta name=\"description\" content=\"Die Zerschlagung der Emotet-Infrastruktur war leider nicht von Dauer. 
Bots senden wieder \u201egut gemachte\u201c E-Mails von scheinbaren Kollegen.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Comme dans "Un jour sans fin" : Emotet fait son retour\" \/>\n<meta property=\"og:description\" content=\"Bots senden wieder "gut gemachte" E-Mails von scheinbaren Kollegen\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/\" \/>\n<meta property=\"og:site_name\" content=\"Retarus Corporate Blog - FR\" \/>\n<meta property=\"article:published_time\" content=\"2021-11-19T10:05:47+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-05-07T17:41:12+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1080\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"S\u00f6ren Schulte\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Und t\u00e4glich gr\u00fc\u00dft die Schadsoftware: Emotet ist zur\u00fcck und lernt dazu\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"S\u00f6ren Schulte\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" 
class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/\",\"url\":\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/\",\"name\":\"Comme dans \\\"Un jour sans fin\\\" : Emotet fait son retour - Retarus Corporate Blog - FR\",\"isPartOf\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg\",\"datePublished\":\"2021-11-19T10:05:47+00:00\",\"dateModified\":\"2024-05-07T17:41:12+00:00\",\"author\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/#\/schema\/person\/da5eb37e5936738ea4e12be8b429433d\"},\"description\":\"Die Zerschlagung der Emotet-Infrastruktur war leider nicht von Dauer. 
Bots senden wieder \u201egut gemachte\u201c E-Mails von scheinbaren Kollegen.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#primaryimage\",\"url\":\"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg\",\"contentUrl\":\"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg\",\"width\":1920,\"height\":1080},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.retarus.com\/blog\/fr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Comme dans “Un jour sans fin” : Emotet fait son retour\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/#website\",\"url\":\"https:\/\/www.retarus.com\/blog\/fr\/\",\"name\":\"Retarus Corporate Blog - FR\",\"description\":\"Restez inform\u00e9\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.retarus.com\/blog\/fr\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.retarus.com\/blog\/fr\/#\/schema\/person\/da5eb37e5936738ea4e12be8b429433d\",\"name\":\"S\u00f6ren 
Schulte\",\"url\":\"https:\/\/www.retarus.com\/blog\/fr\/author\/sschulte\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Comme dans \"Un jour sans fin\" : Emotet fait son retour - Retarus Corporate Blog - FR","description":"Die Zerschlagung der Emotet-Infrastruktur war leider nicht von Dauer. Bots senden wieder \u201egut gemachte\u201c E-Mails von scheinbaren Kollegen.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/","og_locale":"fr_FR","og_type":"article","og_title":"Comme dans \"Un jour sans fin\" : Emotet fait son retour","og_description":"Bots senden wieder \"gut gemachte\" E-Mails von scheinbaren Kollegen","og_url":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/","og_site_name":"Retarus Corporate Blog - FR","article_published_time":"2021-11-19T10:05:47+00:00","article_modified_time":"2024-05-07T17:41:12+00:00","og_image":[{"width":1920,"height":1080,"url":"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg","type":"image\/jpeg"}],"author":"S\u00f6ren Schulte","twitter_card":"summary_large_image","twitter_title":"Und t\u00e4glich gr\u00fc\u00dft die Schadsoftware: Emotet ist zur\u00fcck und lernt dazu","twitter_misc":{"\u00c9crit par":"S\u00f6ren Schulte","Dur\u00e9e de lecture estim\u00e9e":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/","url":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/","name":"Comme dans \"Un jour sans fin\" : Emotet fait son retour - Retarus Corporate Blog - 
FR","isPartOf":{"@id":"https:\/\/www.retarus.com\/blog\/fr\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#primaryimage"},"image":{"@id":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#primaryimage"},"thumbnailUrl":"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg","datePublished":"2021-11-19T10:05:47+00:00","dateModified":"2024-05-07T17:41:12+00:00","author":{"@id":"https:\/\/www.retarus.com\/blog\/fr\/#\/schema\/person\/da5eb37e5936738ea4e12be8b429433d"},"description":"Die Zerschlagung der Emotet-Infrastruktur war leider nicht von Dauer. Bots senden wieder \u201egut gemachte\u201c E-Mails von scheinbaren Kollegen.","breadcrumb":{"@id":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/"]}]},{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#primaryimage","url":"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg","contentUrl":"https:\/\/www.retarus.com\/blog\/fr\/wp-content\/uploads\/sites\/24\/2021\/12\/shutterstock_2943090.jpg","width":1920,"height":1080},{"@type":"BreadcrumbList","@id":"https:\/\/www.retarus.com\/blog\/fr\/just-like-groundhog-day-emotet-is-back-with-a-new-bag-of-tricks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.retarus.com\/blog\/fr\/"},{"@type":"ListItem","position":2,"name":"Comme dans “Un jour sans fin” : Emotet fait son 
retour"}]},{"@type":"WebSite","@id":"https:\/\/www.retarus.com\/blog\/fr\/#website","url":"https:\/\/www.retarus.com\/blog\/fr\/","name":"Retarus Corporate Blog - FR","description":"Restez inform\u00e9","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.retarus.com\/blog\/fr\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Person","@id":"https:\/\/www.retarus.com\/blog\/fr\/#\/schema\/person\/da5eb37e5936738ea4e12be8b429433d","name":"S\u00f6ren Schulte","url":"https:\/\/www.retarus.com\/blog\/fr\/author\/sschulte\/"}]}},"_links":{"self":[{"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/posts\/5846","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/comments?post=5846"}],"version-history":[{"count":7,"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/posts\/5846\/revisions"}],"predecessor-version":[{"id":8917,"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/posts\/5846\/revisions\/8917"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/media\/5847"}],"wp:attachment":[{"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/media?parent=5846"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/categories?post=5846"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/tags?post=5846"},{"taxonomy":"dipi_cpt_category","embeddable":true,"href":"https:
\/\/www.retarus.com\/blog\/fr\/wp-json\/wp\/v2\/dipi_cpt_category?post=5846"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}