Qbot malware's back, and latest strain relies on Visual Basic script to slip into target machines

    Date01 Mar 2019
    948
    Posted ByBrittany Day

    A new version of the decade-old banking credential-stealing Qbot malware is doing the rounds, according to infosec firm Varonis.

    The latest version, spotted after an unfortunate customer's systems were infected, retains the anti-analysis polymorphism features of the original, Varonis researchers said.

    Once present on a targeted network, the Windows malware starts brute-forcing network accounts from the Active Directory Domain Users group. It also runs the traditional keylogging, hooking (scanning all system processes for banking-related strings and extracting those) and credential-stealing functions.

     
    You are not authorised to post comments.

    LinuxSecurity Poll

    In your opinion, what is the biggest advantage associated with choosing open-source software/products?

    Message!

    Poll results are hidden from public viewing.

    You are not authorized to vote on this poll.

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /component/communitypolls/?task=poll.vote
    8
    radio
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.