Hackers replacing malicious payloads with memes and GIFs in Emotet botnet’s distribution sites. Hackers are doing a huge favor to users and keeping the threat actor busy, says Cryptolaemus researcher. Some of the sites where the payloads are being replaced with images and memes are redirecting to online surveys. Researchers believe that someone has the password for the distribution sites and decided to programmatically replace payloads. The most plausible explanation is that someone discovered the password and. decided to. use this advantage to disrupt. operations.
Source: https://www.bleepingcomputer.com/news/security/emotet-malware-operation-hacked-to-show-memes-to-victims/