News & Press

Security Experts Discover Significant Increase in Emotet Activity in Q4 2021

COMMERCE, MI. (February 22, 2022) – Nuspire, a leading managed security services provider (MSSP), today announced the release of its Q4 2021 and Year in Review Threat Report. The report outlines new cybercriminal activity and tactics, techniques and procedures (TTPs) with additional insight from its threat intelligence partner, Recorded Future.

Earlier in 2021 Emotet, one of the most dangerous botnets in the world, was taken down by global law enforcement, which was then followed by a significant drop in Emotet activity. However, in Q4 of 2021, Nuspire security experts witnessed Emotet’s return with the month of December showing activity steadily increasing throughout the month. This increase in activity is due to Emotet rebuilding using TrickBot’s existing infrastructure to grow. This activity will likely continue to increase into 2022.

“Although overall activity in 2021 compared to 2020 was on an overall decrease, major events such as Log4j and the return of Emotet dominated Q4,” said JR Cunningham, Chief Security Officer at Nuspire. “The return of Emotet discovered in the threat report is a reminder that organizations must never rest on their laurels even when there is a decrease in activity. Old attacks have a habit of coming back.”

Additional notable findings from Nuspire’s Q4 2021 and Year in Review Threat Report include:
● With even only roughly 21 days in the last month of Q4, exploit attempts against the newly discovered Log4j vulnerability pushed it into 5th place on the most observed exploit attempt list for Q4
● Compared against 2020, we saw an overall decrease in activity in 2021. 9.25% decrease in Malware Activity, 24.83% decrease in Botnet Activity, and 13.93% decrease in Exploit Activity
● XorDDOS was one of the most active botnets Nuspire witnessed within Q3, but prior to that, it was generally quiet compared to others we normally see. It appears that in the beginning of Q4, this botnet has gone back into hibernation, with all activity ceasing by the end of October.
Learn more about protecting your organization from increasing cyber threats and download Nuspire’s Q4 2021 and Year in Review Threat Report.

About Nuspire
Nuspire is a managed security services provider (MSSP), offering managed security services (MSS), managed detection and response (MDR), endpoint detection and response (EDR) that supports best in breed EDR solutions, and cybersecurity consulting services (CSC) that includes incident readiness and response, threat modeling, digital forensics, technology optimization, posture assessments and more. Our self-service, technology-agnostic platform, myNuspire, allows greater visibility into your entire security program. Powered by the self-healing always on Nuspire Cyber X Platform (CXP), myNuspire will help CISOs alleviate the pain associated with tech sprawl, provide intelligence driven recommendations, solve for alert fatigue and help their clients become more secure over time. Our deep bench of cybersecurity experts, award-winning threat intelligence and three 24×7 security operations centers (SOCs) detect, respond, and remediate advanced cyber threats. Our client base spans thousands of enterprises from midsized to large enterprises that span across multiple industries and geographic footprints. For more information, visit and follow us at on LinkedIn @Nuspire.