There are so many threats lurking in the cyber world today that it’s hard to keep up with them all.

There is one of which attacks have been regularly reported and that over time seems to have sophisticated its action on the systems it infects.

Is about Qbot, also known as Qakbot or QuakBotwhich constitutes a long-standing threat in the digital world being conceived in 2007 in order to harm the Windows system, making this a true antiquity in the field of ransomware.

In this sense, Qbot is characterized by penetrating Windows through phishing emails, as well as by exploiting bugs made to services such as Microsoft Outlook.

This is where it was recently detected that the malware had been incorporated with the ability to read email threads in order to replicate them and make them look as authentic as possible when deploying their fraudulent action.

This is how the people in charge of manipulating the malware use phishing messages posing as different services and inviting the user to click on links that falsely allude to job offers, tax payment reminders or COVID-19 alerts.

Also, Qbot can obtain data from browsers and online banking passwords. A recent case that strongly attracted the attention of the team involved in the investigation was that of a Microsoft Excel document that came infected with the malware.

This file had been configured so that when you click to start its download will activate the download of Qbot from a web page and then call a Windows scheduling task that would grant this access to the system.

It was reported that, after 30 minutes of having penetrated the system, Qbot had obtained data from the host, among which were the browser data and Outlook emails.

Then the host proceeded to make a copy of a Qbot dll and to distribute it to the different adjacent workstations, so that after almost an hour the system of all the stations was completely taken over by the malware.