A new twist on an old malware is making a big splash.
The malware in question is called Qakbot. It’s a little like ransomware in that it locks files on an infected computer, but it differs in that it locks out Active Directories and steals credentials in order to spread to other nearby systems.
Qakbot has also been updated in its latest iteration. It’s very good at hiding its code. It’s also very adept at hiding from antivirus software because it’s constantly changing itself, evolving or morphing to make it harder to overcome.
Enterprises are the primary target of Qakbot. It infects systems in a number of common ways, through malignant downloads, phishing and the like. It can also be spread through devices and external drives, as well as through network connections.
Qakbot shows signs of targeting enterprises worldwide, so all businesses everywhere should be on the lookout. The best way to guard against a Qakbot infection is to make sure you’re up to date on all your systems and to make sure you and your employees follow best practices for preventing cyberattacks.