author photo
By Bruce Sussman
Tue | Apr 30, 2019 | 8:11 AM PDT

The Emotet banking trojan and the cybercriminals behind it are certainly good at getting publicity. They're often in the headlines.

However, that can make your work harder if you are a hacker trying to keep your operations (and server locations) a secret. 

Now, it appears the Emotet creators have a solution to that challenge. They are taking over routers and IoT devices to build a safety net around their botnet.

ZDNet reports:

"This marks the first time malware has been seen using infected routers and IoT devices as intermediary points for communications between infected computers and the malware's command-and-control (C&C) servers.

By doing this, the Emotet gang is hoping to hide the real location of their command infrastructure and prevent security researchers, hosting providers, and authorities from taking down parts of their botnet."

The Emotet group's new strategy is evidence it is trying to continuously up its game, the way some APTs do. 

However, it's not the only shift we're seeing in cybercrime.

5 new trends in cybercrime

The 2018 National Strategic Assessment, an annual crime report put out by the UK's National Crime Agency, lists five significant shifts in cybercrime.

  1. More first-time offenders
  2. Phishing emails are becoming more realistic and sophisticated
  3. More cyber vigilantes are emerging 
  4. Fighting cybercrime is getting harder (claim: due to encryption)
  5. Cybercrime is becoming linked to prison time (cyber-enabled crimes are happening from prison)

See our story on 5 Ways Cybercrime Is Changing for details on each of these areas.