Quote:New version of trojan is spreading fast and already has claimed 100,000 victims globally, Check Point has discovered.
Attacks attributed to the Qbot trojan, known as the “Swiss Army knife” of malware, are on the uptick with a reported 100,000 recent infections, according to researchers.
Qbot, an ever-evolving information-stealing trojan that’s been around since 2008, has shifted tactics again and adopted a bevy of new techniques, according to researchers at Check Point who released a report on their findings Thursday. For example, one new Qbot feature hijacks a victim’s Outlook-based email thread and uses it to infect other PCs.
The 12-year-old malware resurface in January 2020, according to F5 researchers, who issued a report in June detailing new Qbot evasive features to avoid detection.
“We assumed that the campaign was stopped [after June] to allow those behind QBot to conduct further malware development, but we did not imagine that it would return so quickly,” wrote Alex Ilgayev, the Check Point researcher behind the report.
Ilgayev now says Check Point has identified several fresh campaigns in recent months. One of those campaigns hitched a ride with the Emotet botnet, which also recently resurfaced after a five-month hiatus. This they said signals a new distribution technique. That single campaign impacted 5 percent of organizations globally in July, Check Point said. Researchers also suspect that Qbot has a renewed command-and-control infrastructure.
Read more: https://threatpost.com/revamped-qbot-tro...ds/158715/
![[-]](https://www.geeks.fyi/images/collapse.png)
