Phishing Attack Hijacks Users Mail Chats To Spread Malware

Share post:

Cybersecurity researchers at Sophos have uncovered a botnet called Qakbot. Qakbot can hijack email threads to spread itself to more victims.

Qakbot which has been in use since 2008 is capable of delivering malware, ransomware, and other malicious payloads.

Once installed on a compromised device, Qakbot downloads a payload that hunts for email accounts. Passwords and usernames needed to access these emails are stolen in the process.

Qakbot quotes the original message from a compromised account while replying to the message. This, therefore, makes the response look more authentic.

Users who open the file attached may likely get their device compromised. Sensitive information and accounts could then be stolen by the botnet.

Users are advised to verify messages they receive even if it is from known contacts.

“The best way to protect yourself is to train yourself to recognize when a message is out of character with the person allegedly sending it, and not to click the link to download the zip file. Verify that they intended to send you the file before you open it,” Andrew Brandt, principal researcher at Sophos Labs disclosed.

For more information, read the original story in ZDNet.



Related articles

Okta’s login flaw exposes users to attack, says Mitiga

According to Mitiga, Okta's login system contains a simple error that could expose its users to future attacks. Users...

Congress committee chair to TikTok: ‘Your platform should be banned’

In response TikTok CEO says company is building a 'firewall' around American user data against fore

Beware of scammers using AI-generated voice clones, FTC warns

The Federal Trade Commission (FTC) issued a consumer alert warning people to be vigilant for calls using voice...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways