Qbot Malware Spreading through Advanced Social Engineering Techniques and Malicious PDF Attachments

Kaspersky, a cybersecurity company, recently detected an increase in the spread of Qbot malware through a campaign that relied on malicious emails with PDF attachments targeting corporate users

Kaspersky, a cybersecurity company, recently detected an increase in the spread of Qbot malware through a campaign that relied on malicious emails with PDF attachments targeting corporate users. The attackers use advanced social engineering techniques by intercepting business correspondence and redirecting malicious PDF attachments to the same email chains. This method is unusual for using such malware, making it even more dangerous. The campaign started on April 4, 2023, and has already sent more than 5,000 emails containing PDF attachments in different countries.

Qbot malware belongs to the notorious class of Trojans that target banks and operate as part of a botnet. It can seize data, including passwords and work correspondence, allowing attackers to take control of the infected system and install ransomware or other Trojans on more machines within the same network. Malware operators use various distribution schemes, and this campaign is using emails with malicious attachments in PDF format, which has not been seen on a large scale before.

The malware is distributed through a victim’s business correspondence captured by cybercriminals. They then send an email to all participants in the thread, usually asking them to open the attached malicious PDF file under various seemingly suspicious circumstances. To protect companies from related threats, Kaspersky recommends verifying the sender’s address, avoiding urgent messages, providing basic training to employees on cyber intelligence, and using endpoint and mail server protection solutions with anti-phishing capabilities.

Malware analysis expert at Kaspersky, Daria Ivanova, warns that Qbot is very harmful, and attackers are constantly improving their techniques, adding more and more new elements that seem convincing to victims in social engineering methods, increasing the possibility of employees falling victim to this deceptive ploy. Therefore, companies should maintain the highest levels of vigilance and carefully check for red flags, such as spelling of the sender’s email address, strange attachments, and grammatical errors.

The content of the PDF file simulates the Microsoft Office 365 or Microsoft Azure logo, and if the user clicks the “Open” option, the malicious archive is downloaded to the computer from a remote server, such as a hacked website. Kaspersky experts conducted a detailed technical analysis of this process to protect companies from related threats. They recommend installing a trusted security solution, such as Kaspersky Secure Mail Gateway, which automatically filters out unwanted messages, and using endpoint and mail server protection solutions with anti-phishing capabilities, such as Kaspersky Endpoint Security for Business.

Don’t Stop Here

More To Explore

solar eclipse eclipse solar eclipse 2024 solar eclipse 2023 eclipse 2024 eclipse 2023 2023 eclipse 2023 solar eclipse april 8 2024 eclipse 2024 total eclipse 2023 solar eclipses 2024 sun eclipse eclipse april 8 2024 eclipse lunar eclipse eclipse of the sun 2024 eclipse solar eclipse eclipse2023 lunar eclipses solar and eclipse solar eclipse solar eclipse solar solar eclipse solar sun eclipse total eclipse in 2024 total eclipse 2024 total solar eclipse 2024 next solar eclipse total eclipse next eclipse total solar eclipse april 2024 eclipse annular solar eclipse annular eclipse 2023 lunar eclipse 2023 annular eclipse eclipse april 2024 april 2024 solar eclipse solar eclipse april 2024 annular solar eclipse 2023 eclipse today 2023 annular eclipse total eclipse of the sun 2024 sun eclipse 2024 totality eclipse 2024 total eclipse april 2024 8 april 2024 eclipse lunar penumbral eclipse october 2023 eclipse of 2024 eclipse of sun today eclipse penumbral eclipse timer full eclipse of the moon lunar eclipses 2023 next eclipse of the sun solaire eclipse solar eclipse of april 20 2023 solar eclipse of october 14 2023 solar eclipse today solar v lunar eclipse sun eclipse next total solar eclipse in 2024 upcoming sun eclipse sun eclipse next total solar eclipse eclipse 2022 great american eclipse 2024 total solar eclipse 2023 total eclipse 2023 next eclipse 2023 full solar eclipse 2024 full eclipse 2024 upcoming solar eclipse full solar eclipse next total eclipse eclipse april 2023 sun eclipse 2023 iso 12312 2 next eclipse 2024 next full solar eclipse total lunar eclipse april eclipse 2024 next solar eclipse 2023 future solar eclipses eclipse in 2024 solar and lunar eclipse full eclipse 2023 2023 total solar eclipse 1993 eclipse 2017 eclipse 2017 solar eclipse 2017 total solar eclipse 2019 eclipse 2022 solar eclipse 2024 solar eclipse best viewing april 20 eclipse april 8 2024 solar eclipse april 8 2024 total solar eclipse april eclipse 2023 april solar eclipse 2024 eclipse 1994

Experience the Solar Eclipse with The Eclipse App: Your Ultimate Companion

An innovative app, tailored to enhance your observation of the total solar eclipse on April 8, 2024, has risen to prominence on the App Store. Titled simply “The Eclipse App,” it has amassed over 140,000 lifetime downloads on both iOS and Android platforms. This app serves as a comprehensive tool for experiencing the celestial event, providing features such as cloud cover forecasts, precise timing for totality at your specific location, and details on local events, parks, and viewing sites in your vicinity.

Twitter Introduces Payments for Verified Creators' Advertisements in Replies, Elon Musk Announces

Brazil Investigates Elon Musk Over X Dispute

Brazil has launched an investigation into Elon Musk over potential obstruction of justice following X’s reversal of a decision to block certain profiles in the country.