Threat Awareness – Qbot/Qakbot Changes Delivery Tactics

Security researchers have observed the Qbot/Qakbot botnet distributing malware payloads via a new delivery method. The technique involves sending a phishing email that includes a password-protected ZIP archive attachment containing malicious MSI Windows Installer packages. Qakbot, which WaterISAC has reported on numerous times, is a highly modular malware used for many malign activities such as credential harvesting and dropping ransomware. Qakbot was “extremely active” last month propagating via phishing emails. Members are reminded they can protect themselves against this threat by carefully screening suspicious emails. Read more at BleepingComputer.