Tam Cymru researchers have recently revealed noteworthy patterns and irregularities from their continuous monitoring of QakBot’s command and control infrastructure. The researchers shared high-level insights into the findings, shedding light on emerging trends and unusual activities related to QakBot. From victim-facing C2 servers, analyzing the outbound connections reveals Tier 2 infrastructure through communication patterns with common peers, often using a specific management port and maintaining prolonged ongoing interactions.
Read full article on GBHackers