The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over the summer.
In August, a multinational law enforcement operation called Operation Duck Hunt accessed the QakBot admin's servers and mapped out the botnet's infrastructure.
After gaining access to the botnet's encryption keys used for malware communication, the FBI was able to hijack the botnet to push a custom Windows DLL module to infected devices. This DLL executed a command that terminated the QakBot malware, effectively disrupting the botnet.
While a phishing service that was used to distribute the Qbot malware has seen activity since the disruption, there was no distribution of the QakBot malware until this past Monday, when the new phishing campaign started.
[...]
Qbot malware returns in campaign targeting hospitality industry
Qbot malware returns in campaign targeting hospitality industry
-
- President
- Posts: 291
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Qbot malware returns in campaign targeting hospitality industry
Robert B. Carleton + ISC2 Central Mississippi President