QakBot
Jan. 28, 2025 ∘ 4 days ago
Botnet
Bank Trojan
Stealer
Trojan
Loader
QakBot (also known as QBot) is one of the most active banking Trojans in the world, which later transformed into a modular multipurpose botnet.
The main functionality is the theft of credentials to log in to financial services: interception of usernames and passwords (keylogging, web injections), cookies. The most recent versions of the Trojan have received email theft functionality to conduct BEC attacks and increase the likelihood of compromising systems.
In addition, the QakBot botnet is used as a means of delivering other malicious computer programs, in particular, TrickBot and Emotet.
It was first discovered in 2007.
Aggression
Activity dynamics
Malicious infrastructure growth dynamics
Countries where most part of the malicious infrastructure is located
Malicious infrastructure map
Malicious infrastructure rose
Extensions of captured samples

March 22, 2022, noon
1852
The king of the botnet world is rapidly restoring his former greatness in cyberspace and is building up an army of infected users' computers around the world

April 14, 2022, 1:22 p.m.
1823
One of the most popular stealers among the cybercriminal underground became a victim of the dramatic events in Ukraine and ceased to exist