Wed. Sep 28th, 2022

Windows 10 users need to be high alert due to the resurgence of the nasty QBot bug. This malware first reared its ugly head back in 2007, but now it’s back and more terrifying than ever. According to security experts at Digital Forensics and Incident Response (DFIR), this latest threat can give hackers full access to personal files such as emails, passwords and web browsing history within 30 minutes of the initial infection taking place.

That’s hardly enough time for PC owners to realise they have downloaded malware – let alone identify it, safeguard their data, and remove the threat.

The malware appears to be spreading via fake phishing emails which try to trick users into downloading the bug with subject lines that include tax payment reminders, job offers, and even COVID-19 alerts.

Even more worrying is that the bug appears to be able to jump between PCs that are connected on a network, which is helping it spread further and faster. DFIR says it first spotted the QBot’s return in October with infections continuing to take place at an alarming rate.

Explaining more about the issue, DFIR published a report that read: “Thirty minutes after initial access, Qbot was observed collecting data from the beachhead host including browser data and emails from Outlook. At around 50 minutes into the infection, the beachhead host copied a Qbot dll to an adjacent workstation, which was then executed by remotely creating a service. Minutes later, the beachhead host did the same thing to another adjacent workstation and then another, and before we knew it, all workstations in the environment were compromised.”

If you get an email from an untrusted source, the advice is to delete it without delay. Experts warn to never download any attachments that might be linked to the message.

Speaking about the reemerging threat, Shaun Dewhirst, Digital Privacy Expert at ProPrivacy, said: “History has a tendency to repeat itself, and the same is true of Qbot malware, which first darkened the doorsteps of our PCs back in 2007.

“Whilst this is an old piece of malware, it doesn’t mean it is less dangerous to your device. This nasty piece of code can steal your bank passwords, your personal data, and even pull information from your emails within 30 mins of infection – compromising your privacy and security.

“Qbot is known to disguise itself as legitimate-looking programs and also within links. Take reasonable safety precautions, never click on links embedded in unsolicited emails, even if they appear to be from trusted senders, and always make use of the latest antivirus programs.”


Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Wizadclick | WAC MAG 2022