Dangerous New Malware Spreads over Wi-Fi: Protect Yourself now

A newly discovered variant of the Trojan horse Emotet has the power to hop between Wi-Fi networks and spread through offices and apartments as a Wi-Fi worm.

Fortunately, it is easy to stop this malware from spreading if you set strong passwords on all your routers and Windows PCs.

"Previously thought to spread only through malspam (malware-infected spam emails) or infected networks, Emotet uses this loader type to spread through nearby wireless networks if the network uses an insecure password," said a technical analysis posted late last week by Binary Defense, the Ohio-based security firm that discovered the variant.

"Binary Defense analysts recommend using strong passwords to protect wireless networks so that malware like Emotet cannot gain unauthorized access to the network," the report added.

Emotet was created in 2014 as a banking Trojan, but has since added the ability to steal personal information, install ransomware, form botnets, and download other malware, making it a versatile malware.

It has been one of the most aggressive malware campaigns in the past few years; in a report released on February 11, Malwarebytes noted that Emotet activity surged 375% in 2019 alone. Most recently, it has been confirmed that both the ongoing Wuhan coronavirus scare and the Christmas vacations are being used as an enticement to open booby-trapped email attachments.

The name Emotet is also the name of a criminal organization responsible for developing and distributing malware and leasing botnet operations. (It must be a small group -- Emotet operators took three months off in the summer of 2019 and another month around Christmas.)

The ability to spread among Wi-Fi networks may have been added to Emotet's toolkit as early as April 2018, judging by the time stamps Binary Defense found.

"This suggests that this Wi-Fi proliferation operation had been running unnoticed for nearly two years," the Binary Defense report says.

However, Emotet does not have a magical ability to break Wi-Fi network defenses. It just uses lousy passwords.

When this variant of Emotet is installed on a PC, a component called "worm.exe" checks how many Wi-Fi networks are available (other than the one to which the infected PC is already linked). (This step fails on Windows XP, but not on later versions of Windows.)

Emotet then attempts to crack the access password of each nearby Wi-Fi network by brute force: from a precompiled list of likely passcodes, it tries passwords one after another until one works.

Once access to the network is granted, Emotet sends the network name and password of the newly cracked network to a command-and-control server, apparently adding the information to a master list of hacked Wi-Fi networks.

The malware then discards the host PC's existing Wi-Fi connection and connects the PC to the newly cracked network. Emotet then scans the connected Windows machines and attempts to brute-force the Windows user name and user password for each newly infected machine, drawing its guesses from a precompiled list of likely text strings.

If this fails, Emotet switches to trying to brute-force the passwords of Windows accounts with the username "Administrator," and the cycle of evil begins again.
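As an added example (not code from Binary Defense's report or from this article), here is one way a defender could spot the account guessing described above in Windows logon events: many failed network logons from one source, across several user names and then "Administrator". The record layout is an assumption modelled on Security events 4625 (failed logon) and 4624 (successful logon), and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS, NETWORK = 4625, 4624, 3  # Security event IDs; logon type 3 = network

def find_bruteforce_sources(events, window=timedelta(minutes=5), threshold=8):
    """Flag source IPs with >= threshold failed network logons inside `window`.

    events: dicts with keys time, event_id, logon_type, ip, user (assumed layout).
    Returns {ip: {"failures", "users", "tried_admin", "success_after"}}.
    """
    recent = defaultdict(deque)  # ip -> (time, user) of failures still in the window
    findings = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] != NETWORK:
            continue
        ip = ev["ip"]
        if ev["event_id"] == FAILED:
            q = recent[ip]
            q.append((ev["time"], ev["user"]))
            while ev["time"] - q[0][0] > window:
                q.popleft()
            if len(q) >= threshold:
                f = findings.setdefault(ip, {"failures": 0, "users": set(),
                                             "tried_admin": False, "success_after": None})
                f["failures"] = max(f["failures"], len(q))
                f["users"].update(u for _, u in q)
                f["tried_admin"] |= any(u.lower() == "administrator" for _, u in q)
        elif ev["event_id"] == SUCCESS and ip in findings:
            # A success after a guessing burst suggests a password was guessed.
            findings[ip]["success_after"] = findings[ip]["success_after"] or ev["user"]
    return findings

def sample_events():
    """Constructed events (not real logs): one guessing source, one ordinary typo."""
    t0 = datetime(2020, 2, 10, 9, 0, 0)
    def ev(sec, eid, ip, user):
        return {"time": t0 + timedelta(seconds=sec), "event_id": eid,
                "logon_type": NETWORK, "ip": ip, "user": user}
    users = ["alice", "bob", "carol", "dave", "erin"]
    out = [ev(2 * i, FAILED, "192.0.2.50", users[i % 5]) for i in range(10)]
    out += [ev(30 + i, FAILED, "192.0.2.50", "Administrator") for i in range(5)]
    out.append(ev(40, SUCCESS, "192.0.2.50", "Administrator"))
    out += [ev(5, FAILED, "192.0.2.77", "alice"), ev(9, SUCCESS, "192.0.2.77", "alice")]
    return out

if __name__ == "__main__":
    for ip, f in find_bruteforce_sources(sample_events()).items():
        print(ip, f["failures"], sorted(f["users"]), f["tried_admin"], f["success_after"])
```

A flagged source with a non-empty `success_after` is the case to investigate first, since it indicates a guess may have worked.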

The bottom line is that if you set strong, unique passwords for your home Wi-Fi network and your Windows PC user account, you can pretty much prevent malware from jumping in from neighboring networks.

Emotet focuses instead on neighbors who do not use such good passwords or did not change their factory access passwords when setting up their routers. This would make things much easier for hackers.

However, using weak Wi-Fi passwords is only one of the ways Emotet spreads. It most often appears in infected e-mail attachments and also spreads between machines on the local network.

To truly protect yourself from Emotet, no matter how it arrives, you need to run the best antivirus software.
