After being in the news for more than 10 years, the trojan virus known as Qbot has once again been spotted in the wild, ready to provide hackers with access to the machines bankers and others in the finance industry use every day.
Qbot is unique in that very few trojans are still in use after so many years. Delivered via email, Qbot is hidden in what looks like an existing chain and, therefore, seems friendly. Inside the email is a link that, when clicked, automatically downloads the malicious file and installs it in the background. All of this happens without the user being aware.
Today, hackers that developed Qbot are using spamming techniques and piggybacking on other common malware programs, like Emotet, to infect new victims.
How Does Qbot Work?
Qbot is essentially a backdoor into the user’s computer system, providing access for hackers whenever they choose. What's more, Qbot also acts as a keylogger, tracking each key press on the infected computer. This gives hackers all the information they need to wreak havoc on business systems and steal valuable data. Qbot even allows hackers to install new malicious software whenever they want.
Most hackers use trojans and other malware for a limited time to get what they’re after, and then retire the program. Qbot, on the other hand, has been continually updated to fight newer security protocols and continues to be a problem after all these years. In many ways, Qbot is one of the most persistent computer threats ever to face the financial services industry.
How Qbot Uses Other Prevalent Malware
Other successful trojans, like the malware known as Emotet, have helped pave the way for Qbot’s continued success. Emotet began as malware that was designed solely to invade computers and steal private information. Later versions have given Emotet the ability to spam existing computer systems and carry other viruses with it. More spam means more opportunities for banking employees to fall for the trap. Using these delivery strategies, Qbot will continue to cause problems for the foreseeable future.
Because they use similar strategies, it’s now clear that hacker groups are sharing techniques and methodologies to determine the best ways to get around modern information security. This robust set of best practices they have developed makes it a continual struggle to keep businesses defended.
Where Strategic Network Consulting Comes In
In light of all of this, it’s important to keep your employees up to date and aware of the cyber-risks they may face every day. Remember: Be wary of emails, especially those containing links, even if they come from friendly sources.
At, Strategic Network Consulting, we offer cybersecurity training for employees, sophisticated anti-malware tools, and a general expertise in cybersecurity that allows you to remain safe from persistent cyberthreats like Qbot and others. If you are unsure of the state of your cybersecurity profile, why not have us come by and take a look?