Qakbot Activity is on the Rise: Understand the Risks

What is Qakbot?

Banking trojans are considered one of the most dangerous types of malware. When they have successfully infected a targeted computer, cybercriminals are able to steal money from victims’ online banking accounts and e-wallets. Active since 2007, Qakbot, also known as Qbot, QuackBot, and Pinkslipbot, is a common banking trojan that has expanded its capabilities to include performing reconnaissance and stealing data. Qakbot is continuously maintained and developed and has evolved from a banking trojan information stealer, to form botnets, and into a delivery agent for ransomware. Typical delivery is via email as malicious attachments, hyperlinks, or embedded images. It’s a customizable chameleon for threat actors, making this trojan one of the most powerful and dangerous among existing examples of this malware type.

Qakbot risks are increasing

The risk to small and medium-sized businesses is high, and it’s rising. The Cybersecurity and Infrastructure Security Agency (CISA) listed Qakbot as one of the top five most-used malware strains of 2021. In the first seven months of 2021, it grew by 65% in comparison to the same period in 2020. In the last quarter of 2022, Huntress reported seeing a 400% increase in Qakbot cases in comparison to the rest of 2022.

How to protect your organization from Qakbots

The team of experts at Locknet Managed IT can help protect your organization from Qakbot activity with the following tools and services.

• Multi-Factor Authentication (MFA). Multi-factor authentication is a process that requires a 2nd form of authentication when a user tries to log into an email system or other system.
• Password Manager. Use a password manager solution with a convenient password generator to uniquely configure your passwords automatically.
• Security Education and Awareness Training. It is essential to educate your staff on how to identify suspicious activity and malicious attachments. Your employees should complete essential security awareness and education training on a scheduled basis.
• Cybersecurity Monitoring. Modern cybersecurity Monitoring solutions will detect compromises in your company accounts.

Contact us to learn more.