Threat Awareness – Continued Qakbot/Qbot Use in Current Malicious Email Campaigns

It is no surprise threat actors are notorious for using current events in social engineered phishing campaigns. Malwarebytes discovered a current malspam campaign exploiting doubts about the election process that is delivering Qbot/Qakbot – malware often found in conjunction with Emotet. According to Malwarebytes, this current campaign is stealing email threads to be used in future campaigns. The phish contains a bogus DocuSign document attachment purporting to include information on election interference. Given current post-election rhetoric and Emotet and Qakbot infections impacting critical infrastructure organizations, members are encouraged to remind curious users not to open anything compelling, let alone click on any attachments contained in such emotional, and likely unsolicited emails. For more information on this recent QBot campaign, visit TripWire.