King & Union case study showcases how Avalon and DNSDB® exposed Emotet malware. First encountered in 2014, Emotet is a modular banking Trojan acting as a dropper for other malware, evolving to evade detection by frequently changing C2 and downloader URLs. In 2018, US-CERT issued an alert on its severe threat, and it remains one of the costliest, most destructive malwares impacting consumers and organizations. Despite vigilant researchers tracking its versions, combating it demands advanced tools. DomainTools software was crucial: Avalon provided real-time domain monitoring, while DNSDB® delivered extensive historical passive DNS data, enabling King & Union to uncover Emotet infrastructure, map evolving C2 networks, attribute campaigns swiftly, and disrupt operations effectively.

Join for free to read