Emotet gang is trying to build a shell of IoT devices around its banking botnet | ZDNet
The idea is that a Windows computer infected with Emotet would send all the data acquired from infected hosts to these routers and IoT devices, which would then relay the information to the real Emotet C&C servers. The reverse also applies: the Emotet gang sends commands to the infected smart devices, which relay them to infected hosts.
By doing this, the Emotet gang is hoping to hide the real location of their command infrastructure and prevent security researchers, hosting providers, and authorities from taking down parts of their botnet.