AdvisoryAdvisoriesCISAAA23-242A

August 30, 2023

QakBot Malware Evolving

August 30, 2023

What we know so far

QakBot, a long-standing cyber threat also known as Qbot or Pinkslipbot, has been causing numerous malware infections worldwide since at least 2008. Originally a banking trojan, it has evolved into a versatile botnet capable of various malicious activities, including data theft and ransomware distribution. QakBot's modular design enables it to persist in the digital environment, and compromised devices are often sold to further the attacker's objectives. It has targeted critical sectors such as finance, emergency services, and elections infrastructure, prompting the FBI and CISA to recommend implementing mitigation measures to prevent QakBot infections and identify related threats. Disrupting QakBot does not eliminate other installed malware, so prompt incident response is crucial.

Arrow Right

Schedule a test

Subscribe to advisory alerts

Be immediately notified of new advisories and associated security tests

More advisories