Dec 18, 2023NewsroomMalware / Cybersecurity A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network. Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and […]
Despite concerted efforts by the FBI in August to dismantle the infrastructure supporting the Qakbot malware, the threat actors behind it appear undeterred. Recent evidence indicates an active distribution of Ransom Knight ransomware and the Remcos backdoor via phishing emails, starting from early August. Diving into details Cisco Talos has tracked and shared details about […]
The threat actors behind the Qakbot malware have been conducting a campaign since early August 2023 in which they have been distributing Ransom Knight ransomware and the Remcos backdoor via phishing emails. Notably, this activity appeared to begin before the FBI seized Qakbot infrastructure in late August and has been ongoing since, indicating the law […]
Oct 05, 2023NewsroomRansomware / Malware Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted […]