Thursday, January 20, 2022

Decrypting Qakbot’s Encrypted Registry Keys

Decrypting Qakbot’s Encrypted Registry Keys

Since the return of the Qakbot Trojan in early September 2021, especially through SquirrelWaffle malicious spam campaigns, we’ve received a few Qakbot samples to analyze from our Trustwave DFIR and Global Threats Operations teams.

Qakbot is a banking Trojan that has been around since 2007. It has been continually developed, with new capabilities introduced such as lateral movement, the ability to exfiltrate email and browser data, and to install addi…

Read More

Latest news
Related news