QBot malware operation examined

QBot malware, also known as QakBot and Pinkslipbot, has been leveraging an adaptable command-and-control infrastructure, with half of its servers only active for a week and a quarter only active for a day, according to The Hacker News. Residential IPs and compromised web servers, instead of virtual private servers, have been used by QBot to hide its C2 infrastructure, a report by Lumen Black Lotus Labs researchers Steve Rudd and Chris Formosa showed.

Source: SC Magazine

 


Date:

Categorie(s):

Tag(s):