Email Threads Hijacked By The QBot Trojan – Security Expert Insight

Research released today by Check Point, revealing that the QBot Trojan operators are using new tactics to hijack legitimate, emailed conversations in order to steal credentials and financial data.

Experts Comments

August 28, 2020
Dr. Vinay Sridhara
CTO
Balbix
Today it was reported that the QBot Trojan operators are using new tactics to hijack legitimate, emailed conversations in order to steal credentials and financial data. The QBot Trojan’s malware is able to steal browsing data, email records, and even banking credentials. It is also able to install additional malware and ransomware, such as mimikatz, which harvests credentials. Basically, QBot preys on several common end user weaknesses. One of the ways that companies can help their.....Read More
Today it was reported that the QBot Trojan operators are using new tactics to hijack legitimate, emailed conversations in order to steal credentials and financial data. The QBot Trojan’s malware is able to steal browsing data, email records, and even banking credentials. It is also able to install additional malware and ransomware, such as mimikatz, which harvests credentials. Basically, QBot preys on several common end user weaknesses. One of the ways that companies can help their employees from falling victim to this malware and other cyber threats, is to teach password management and hygiene, as hackers are taking advantage of rampant password reuse. The fact is, the average password is reused 2.7 times, with 99% of users reusing passwords either across work accounts or between work and personal accounts, according to a recent report. Additionally, it's important to engage with your users continuously on appropriate cyber hygiene. With the initial payload delivered via URLs in documents, training is an important factor. It's helpful to keep track of your highest risk users as well, via automated, AI-based tools that identify risky behavior that's likely to lead to phishing or malware downloads.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.