The most active malware of botnet of 2019 which had gone silent in February 2020 has returned with a new spam campaign. The botnet operates from 3 different server clusters called Enoch 1, Enoch 2, and Enoch 3. The servers have been sending out spam emails and attacking new users via malware payloads.
In the new attack, the botnet has been sending emails with a Word document or URLs that led to a Word document download with malicious macros, installing Emotet when activated by users.
Source: Zdnet
