Qakbot malware is being distributed again, just a few months after its infrastructure was dismantled by law enforcement. The new wave of attacks, targeting hospitality sector organizations, is currently at a low volume but is expected to increase. Distributed through phishing emails, the malware has demonstrated a new version and found to be initiated via a fraudulent IRS employee email. Long-standing since 2007, Qakbot was initially a banking Trojan but has since evolved to a malware-as-a-service model.
SmokeLoader malware aimed at multiple Ukrainian industries, using bug in file archiver
Russian hackers have exploited a vulnerability in popular file archiver 7-Zip to infiltrate Ukrainian governmental and private organisations with SmokeLoader malware, says Tokyo-based cybersecurity firm
