Tag: Qakbot
-
QakBot attacks with Windows zero-day (CVE-2024-30051)
In April 2024, while researching CVE-2023-36033, we discovered another zero-day elevation-of-privilege vulnerability, which was assigned …
-
Qakbot Strikes Back: Understanding the Threat
Binary Defense threat researchers analyzed the reemergence of the QakBot botnet. The new QakBot DLL has undergone some minor changes, and …
-
Qakbot mechanizes distribution of malicious OneNote notebooks
Since the beginning of the year, we’ve been tracking the growth of malware threat actors taking advantage of a (previously) rarely abused …
-
Hackers Using Weaponized PDF Files to Deliver Qakbot Malware
Qakbot is a sophisticated banking trojan and malware that primarily targets financial institutions. This sophisticated malware steals …
-
Qakbot returns in fresh assault on hospitality sector
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts …
-
QakBot Malware Resurfaces with New Tactics, Targeting the Hospitality Industry
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort …
-
Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
The U.S. Department of Justice (DOJ) and the FBI recently collaborated in a multinational operation to dismantle the notorious Qakbot …
-
Qakbot Threat Actors Deliver Knight Ransomware & Remcos Via LNK Files
Talos researchers moderately believe Qakbot threat actors remain active, launching a recent campaign with Cyclops/Ransom Knight ransomware …
-
Qakbot Threat Actors Deliver Knight Ransomware and Remcos through Weaponized LNK Files
Talos researchers moderately believe Qakbot threat actors remain active, launching a recent campaign with Cyclops/Ransom Knight ransomware …
-
Qakbot Gang Still Active Despite FBI Takedown
Despite the takedown of the Qakbot threat gang’s infrastructure by the FBI in late August, some of the group’s affiliates are still …
-
Prolific malware and botnet operator Qakbot still operating despite FBI takedown
A little over a month since a multinational task force headed by the U.S. Federal Bureau of Investigation and Dutch Police claimed to have …
-
Unkillable? Qakbot Infections Fly On Even After Its High-Profile Raid
The Qakbot (aka Qbot) first-stage malware operation is still kicking, even after the “Operation Duck Hunt” raid by law enforcement …
●●●