Qakbot malware is being distributed again, just a few months after its infrastructure was dismantled by law enforcement. The new wave of attacks, targeting hospitality sector organizations, is currently at a low volume but is expected to increase. Distributed through phishing emails, the malware has demonstrated a new version and found to be initiated via a fraudulent IRS employee email. Long-standing since 2007, Qakbot was initially a banking Trojan but has since evolved to a malware-as-a-service model.
US healthcare company, Change Healthcare, has been targeted by the hacker collective ALPHV/Blackcat, which claimed to have stolen sensitive health data of millions of Americans.