QakBot. Rendering of graphs and diagrams ...
QakBot  
  Jan. 28, 2025 ∘ 4 days ago
Botnet Bank Trojan Stealer Trojan Loader

QakBot (also known as QBot) is one of the most active banking Trojans in the world, which later transformed into a modular multipurpose botnet.

The main functionality is the theft of credentials to log in to financial services: interception of usernames and passwords (keylogging, web injections), cookies. The most recent versions of the Trojan have received email theft functionality to conduct BEC attacks and increase the likelihood of compromising systems.

In addition, the QakBot botnet is used as a means of delivering other malicious computer programs, in particular, TrickBot and Emotet.

It was first discovered in 2007.

Aggression 

Activity dynamics 

Malicious infrastructure growth dynamics  

Countries where most part of the malicious infrastructure is located 
Malicious infrastructure map 

Malicious infrastructure rose 

Extensions of captured samples 

March 22, 2022, noon
   
1852

The king of the botnet world is rapidly restoring his former greatness in cyberspace and is building up an army of infected users' computers around the world
April 14, 2022, 1:22 p.m.
   
1823

One of the most popular stealers among the cybercriminal underground became a victim of the dramatic events in Ukraine and ceased to exist