Malware "Qakbot" is back!  [29.12.23]

In the new small-scale phishing campaign, Qakbot attempted to spread malware. The phishing The phishing emails were initially aimed at the hospitality industry. The emails contained a supposed PDF file, with the name of the file suggesting a guest list. A preview could not be was not displayed, which was intended to entice the user to download the file. Instead of a PDF file, however, an MSI file was downloaded. If this file is executed, the malware Qakbot (DLL file) is loaded into the working memory.

Please remain vigilant with regard to phishing emails:

• In particular, you should not click on attachments or links that appear suspicious or come from an unknown sender. This is especially true if the sender asks for money or personal information.
• Before clicking on a link, position the mouse pointer on the sensitive link area and wait briefly without clicking. The so-called mouseover shows the link target and this can be better assessed.
• If you have received a corresponding e-mail, delete this e-mail.
• If you have clicked on a malicious link, inform the IT security department immediately. They will decide on further measures.

Back to All news