#qbot — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #qbot, aggregated by home.social.
-
Russian Qakbot Gang Leader Indicted in US https://www.securityweek.com/russian-qakbot-gang-leader-indicted-in-us/ #RustamGallyamov #Cybercrime #charged #Qakbot #Russia #Qbot
-
"In addition to the new backConnect malware developed by Qbot operators, research has emerged tying zloader[4] activity to that of the BlackBasta ransomware operation. It is highly likely this new side loading backConnect malware has been or is going to be utilized to further ransomware attacks."
⬇️
"Qbot is Back.Connect"
👇
https://medium.com/walmartglobaltech/qbot-is-back-connect-2d774052369f
-
New Latrodectus Downloader Malware Linked to IcedID and Qbot Creators https://www.hackread.com/latrodectus-downloader-malware-icedid-qbot/ #Latrodectus #BlackBasta #Ransomware #Security #Malware #IcedID #TA577 #TA588 #QBot
-
New #Qbot #malware variant uses fake Adobe installer popup for evasion
The misleading popup this campaign spawns “Adobe Setup” installs itself regardless of what you click.
As always be careful what you click and download.
-
#Qbot malware returns in campaign targeting hospitality industry
-
📬 Qakbot: Authorities took 700,000 bots offline
#Cyberangriffe #ITSicherheit #BenjaminKrause #CarstenMeywirth #ChristopherWray #FBI #Malware #Qakbot #QBot #RansomwareAngriff https://tarnkappe.info/artikel/cyberangriff/qakbot-behoerden-nahmen-700-000-bots-vom-netz-280164.html
-
"Duck Hunt" international police operation disrupts:
—700,000 computers infected with Qakbot dropper
—ransomware wielders relying on #Qbot
—52 servers used by criminals (seized)
—$9 million worth of cryptocurrency (seized)
https://www.databreachtoday.com/operation-duck-hunt-dismantles-qakbot-a-22959
@daveperera
-
U.S. Hacks QakBot, Quietly Removes Botnet Infections https://krebsonsecurity.com/2023/08/u-s-hacks-qakbot-quietly-removes-botnet-infections/ #FederalBureauofInvestigation #U.S.DepartmentofJustice #LatestWarnings #TheComingStorm #MartinEstrada #Ransomware #DonAlway #Qakbot #Qbot #DOJ #fbi
-
Good day everyone! The ReliaQuest Threat Research team recently provided a wrap-up of the most commonly used loaders, the top 80% of which comprised only three different malware! These big three are #QBot, #SocGholish, and #RaspberryRobin. THEN, they not only provided the data sheet to provide to your management or C-suite, they broke them down even further to include technical details as well! Thank you to the Threat Research team for such a great report, I hope you enjoy it as much as I did, and Happy Hunting!
The 3 Malware Loaders Behind 80% of Incidents
https://www.reliaquest.com/blog/the-3-malware-loaders-behind-80-of-incidents/
#CyberSecurity #ITSecurity #InfoSec #BlueTeam #ThreatIntel #ThreatHunting #ThreatDetection #HappyHunting #readoftheday
-
ISC Diary: @malware_traffic reviews #Qakbot (#Qbot) from Thurs 2023-06-22, obama271 distribution tag https://i5c.us/d29968
-
For all the #MicrosftSentinel users out there - I've started a weekly series with content and #KQL queries relating to malware families. I just updated the GitHub repository with the latest #QBot / #QakBot indicators: https://github.com/reversinglabs/reversinglabs-siem-rules/tree/master/Malware/QBot/20230612/KQL?utm_campaign=Azure%20Marketplace%20Offers&utm_source=email&utm_medium=Qbot%20Post&utm_content=Weekly%20Threat%20Intel
-
The Baden-Württemberg Cybersecurity Agency (Cybersicherheitsagentur Baden-Württemberg, CSBW) has reviewed the IT security incident (#ITSicherheitsvorfall) in #Birkenfeld. It was an attack using the #QakBot (#Qbot) malware. Apparently, however, no further IT systems were compromised, as the administration will resume work on Tuesday.
The municipality of Birkenfeld's public communication is proving somewhat difficult. It now communicates about the incident only via Instagram, with no more information on the homepage.
-
Fresh #qbot:
https://app.any.run/tasks/c3c2e0b5-a8c2-43b2-af6d-42ff776e2e0b
pdf -> zip -> wsf -> obama251
-
In this video I identify #QakBot (#QBot) C2 traffic to 80.47.61[.]240 and pivot on the JA3 hash to find an additional C2 server on 185.80.53[.]210. Thanks to @malware_traffic for sharing the #PCAP file!
https://netresec.com/?b=233eaa1
-
ISC Diary: @malware_traffic reviews BB17 distribution #Qakbot (#Qbot) infection traffic https://i5c.us/d29592
-
Malware naming and aliases suck. Malpedia is a good step in the right direction, but let's add some automation.
Introducing @malias (MalwareAlias), your friendly infosec bot. If you mention it, it will answer to your toot, providing alias-information about any tagged malware family in your toot.
Let's hear it for #Ryuk and #Qbot
(Note that malias is currently looking for any alias on malpedia, thus there may be some false-positives. This may change in the future.)
Want this for all your toots automatically? Just follow @malias.
-
#qbot now using embedded .jse in .one files:
https://app.any.run/tasks/5a7bd950-725c-4f5e-851e-d68dfdf94dd5
-
Incoming BB14 #qbot .one campaign, hijacked threads, OneNote names:
item.one
notes.one
cancellation.one
dll links:
https://nerulgymkhana[.]com/CCoN/01.gif
https://tassoinmobiliaria[.]com/56G0/01.gif
c2:
92.177.204.2
hash:
7a8860f6975853e167c121a6c28b3f60c011e8aa93130856f73d9df688ec589f
-
📬 Windows: Zero-day vulnerability lets QBot infiltrate your system
#Hacking #Malware #MarkoftheWeb #PhishingMail #QBot #Signaturblock #SmartScreen #windows #ZeroDayLücke https://tarnkappe.info/artikel/malware/windows-zero-day-luecke-laesst-qbot-dein-system-infiltrieren-259367.html
-