Emotet malware operators have continually changed their techniques and command-and-control (C2) infrastructure in a bid to bypass detection, reports The Hacker News. Initially conceived as a banking trojan in 2014, Emotet evolved into an all-purpose loader two years later, and while the botnet had its infrastructure dismantled in January 2021, it has been resurrected with the help of the TrickBot malware by the now-defunct Conti group. A report from VMware revealed that three different techniques were used in attacks deploying Emotet in January, with some of the infection pathways involving exploitation of the mshta.exe executable in a confused deputy attack. Meanwhile, Excel documents were discovered to have dropped 26.7% of almost 25,000 unique Emotet DLL artifacts. Emotet has also operated new botnet clusters, Epochs 4 and 5, upon its reemergence, with Epoch 5 C2 servers reused by 10,235 Emotet payloads from March 15 to June 18. Researchers also found that two new plugins have been delivered by the malware.