Quote:On Thursday, hundreds of U.S. organizations were targeted by an Emotet spear-phishing campaign, which sent thousands of emails purporting to be from the Democratic National Committee and recruiting potential Democratic volunteers.
Emotet has historically utilized a variety of lure themes leveraging current events – from COVID-19 to Greta Thunberg. However, the threat actor behind the malware, TA542, has not directly leveraged political themes in their messaging before. That changed with Thursday’s email campaign, which featured Word Document attachments labeled “Team Blue Take Action,” which actually infected victims with Emotet.
“The shift to using politically themed lures comes days after the first of several 2020 U.S. presidential debates,” said researchers with Proofpoint in a Thursday post. “The debate received widespread media coverage, and as Election Day draws nearer, many voters are likely feeling compelled to volunteer for political causes or for the election in some way.”
The email messages had the subject line “Team Blue Take Action,” with a message body taken directly from a page on the Democratic National Committee’s (DNC) website (democrats.org/team-blue) said researchers. This message body describes Team Blue, which is the DNC’s 2018 volunteer recruitment program – and says that Team Blue is being relaunched for the 2020 campaign. The email then asks the recipient to open the attached document.
Read more: https://threatpost.com/emotet-email-dnc-...rs/159758/
![[-]](https://www.geeks.fyi/images/collapse.png)
