Emotet was found dropping a new module to pilfer credit card information stored in the Chrome web browser. During April, Emotet malware activity increased, and one week later, it began using Windows shortcut files (.LNK) to execute PowerShell commands on victims’ devices.