Despite authorities seizing the infrastructure and financial assets of the Qakbot malware gang in August, the group continued their cyberattacks. Cisco Talos researchers suggest the gang was distributing Ransom Knight ransomware and Remcos backdoor via phishing emails prior to the take-down. They provide evidence suggesting that the FBI-led operation didn’t impact the group’s spam delivery infrastructure.
Chinese PlushDaemon APT Targets S. Korean IPany VPN with Backdoor
China-backed Advanced Persistent Threat (APT) group PlushDaemon has been infiltrating legitimate update channels on a popular South Korean VPN, according to cybersecurity firm ESET. The
