The crafty Qakbot trojan has added ransomware delivery to its malware building blocks.
Qakbot, a top trojan for stealing bank credentials, has in the past year started delivering ransomware and this new business model is making it harder for network defenders to detect what is and isn't a Qakbot attack.
Qakbot, is an especially versatile piece of malware, and has been around for over a decade and survived despite multi-year efforts by Microsoft and other security firms to stamp it out. Qakbot in 2017
adopted WannaCry's lateral movement techniques, such as infecting all network shares and drives, brute forcing Active Directory accounts and using the SMB file-sharing protocol to create copies of itself.
