The Qbot/Qakbot malware is “extremely active” and propagating itself via a new phishing campaign, according to security researchers. The botnet, which WaterISAC has reported on numerous times, is a highly modular malware used for many malign activities such as credential harvesting and dropping ransomware. In this latest campaign, not only is Qakbot leveraging hijacked email threads, it is injecting malicious .zip files into existing conversations. Once a victim executes the infected file the botnet downloads more malicious payloads onto the victim’s device. Users can protect themselves against this threat by carefully screening suspicious emails. Read more at Zdnet.