Approx 800 corporate users already infected as QBot Malware is on a surge!

مقالات

Qbot which is also known as the Qakbot ,Pinkslip and the Quackbot is the very common and usual malware and the Trojan that is designed to sneak and steal the password. The evolution of the malware evolved as the time passed as first it is just the simple infostealer kind of the malware but later on it transform into an info stealer that also contain backdoor functionality as well. When Qbot launched intially it was distributed in the attack of the different exploiting of the Follina that was the detecting tool of MSDT stands for Microsoft support diagnostic tool.

The malware has become active since the year 2008 that is primarily used for the motivation of the financial actors that are also served as the ‘Initial Access Brokers” for so many partners of ransomware that includes Sodinokibi and the Devil. There are so many significant changes made in the TTPs that include new mechanism for the detection and delivery of vectors as well. Corporate users can also used it’s facility either in only one organizations or several other ones as well but the thing is we cannot measure the exact number of the organizations in any case either.

It is been observed by the Kaspersky that on September 28 and October 7 that there were nearly 1800 users that are infected through the Qbot in the whole world where it is to be estimated that nearly half of the victims were corporate users specifically. As per the reports of US ,India ,Germany ,Italy these are the countries that are targeted in the new campaigns of the Qbots.