Despite authorities dismantling their botnet and seizing their infrastructure, the Qakbot malware gang keeps staging cyberattacks. Even though physical arrests weren’t made, researchers believe the cybercriminals may rebuild and continue their activities. The focus is on the Ransom Knight ransomware and the Remcos backdoor, both allegedly distributed via phishing emails by Qakbot. The latter has reportedly caused hundreds of millions in losses since 2008.
Chinese PlushDaemon APT Targets S. Korean IPany VPN with Backdoor
China-backed Advanced Persistent Threat (APT) group PlushDaemon has been infiltrating legitimate update channels on a popular South Korean VPN, according to cybersecurity firm ESET. The
