Phishing Attack Hijacks Users Mail Chats To Spread Malware

Share post:

Cybersecurity researchers at Sophos have uncovered a botnet called Qakbot. Qakbot can hijack email threads to spread itself to more victims.

Qakbot which has been in use since 2008 is capable of delivering malware, ransomware, and other malicious payloads.

Once installed on a compromised device, Qakbot downloads a payload that hunts for email accounts. Passwords and usernames needed to access these emails are stolen in the process.

Qakbot quotes the original message from a compromised account while replying to the message. This, therefore, makes the response look more authentic.

Users who open the file attached may likely get their device compromised. Sensitive information and accounts could then be stolen by the botnet.

Users are advised to verify messages they receive even if it is from known contacts.

“The best way to protect yourself is to train yourself to recognize when a message is out of character with the person allegedly sending it, and not to click the link to download the zip file. Verify that they intended to send you the file before you open it,” Andrew Brandt, principal researcher at Sophos Labs disclosed.

For more information, read the original story in ZDNet.

SUBSCRIBE NOW

Related articles

Cyber Security Today, May 20, 2024 -Ransomware gang claims it hit a Canadian internet provider

A ransomware gang claims it hit a Canadian internet provider. Welcome to Cyber Security Today. It's Monday May 20th,...

Cyber Security Today, Week in Review for week ending Friday May 17, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, May 17th,...

Cyber Security Today, May 17, 2024 – Malware hiding in Apache Tomcat servers

Malware hiding in Apache Tomcat servers, new backdoors found, and more Welcome to Cyber Security Today. It's Friday, May...

MIT students exploit blockchain vulnerability to steal 25 million dollars

Two MIT students have been implicated in a highly sophisticated cryptocurrency heist, where they reportedly exploited a vulnerability...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways