What is a Malware?
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of malware types exist, including computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware.
QBOT, with lump names including – Qakbot and Pinkslipbot, a banking trojan malware active since 2008, is back to a task which commits stealing banking credentials, browsing history, and some financial information.
In generic, attackers usually grab victim’s gadget’s under control using a phishing attack to inject Qbot via a dropper. It does this through a combination of techniques that poison the victim’s web sessions, cookie exfiltration, credential theft, including keylogging.
Not surprisingly, Qbot also has the capability of self-replication art to copy itself on removable and shared drives. Though QBot is windows-based, the new version of it has the skill that adds both detection and research-evasion techniques. The new packing layer functionality in it has the power of hiding the code from scanners and signature-based tools.
Once the victim’s system is compromised, and if they are connected to a local network then they are a threat to other computers of that network because of the Qbot’s lateral movement capabilities. The malware then checks whether the victim can also be a potential bot as part of Qbot’s infrastructure.
Organizations need to ensure a close watch on the given IOCs and block it in your relevant security devices to observe such attacks proactively to monitor your security posture.