A Bleeping Computer report states the Emotet malware is back, and it is evolving. Emotet was considered the most widely spread malware in the past, using spam campaigns and malicious attachments to distribute the malware. Emotet would then use infected devices to perform other spam campaigns and install other payloads, such as the QakBot (Qbot) and Trickbot malware. These payloads would then be used to deploy ransomware, including Ryuk, Conti, ProLock, Egregor, and many others. At the beginning of the year, an international law enforcement action coordinated by Europol and Eurojust took down the Emotet infrastructure and arrested two individuals. German law enforcement used the Emotet infrastructure to deliver an Emotet module that uninstalled the malware from infected devices on April 25th, 2021. On November 15, 2021, Emotet research groups have begun to see the TrickBot malware dropping a loader for Emotet on infected devices using an embedded process that allows the malware to reconstruct the Trickbot architecture on the host site.