Security news aggregator

Latest coverage for Qakbot

The Qakbot malware family is covered through reported incidents, technical analysis, infrastructure findings, disruption efforts, and defensive guidance.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Qakbot (Qbot) is a Windows malware family first identified around 2009. It evolved from a banking-information stealer into a modular backdoor that can log keystrokes, steal credentials, exfiltrate data, and download additional payloads. Reported compromises have also used it as a delivery layer for other malware, including ransomware. Its botnet functionality enables infected hosts to communicate with attacker-controlled infrastructure.

Qakbot matters because a successful phishing infection can expose credentials and create a path for follow-on malware. Defenses include filtering suspicious attachments and links, applying security updates, using multifactor authentication where possible, and monitoring unusual process, network, and authentication activity. When detected, isolate the host, preserve email and endpoint telemetry, reset potentially exposed credentials, and check other systems for related indicators or payloads. Threat intelligence on Qakbot infrastructure can help block activity and scope an incident, but indicators should be validated because infrastructure and artifacts change.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view