Security News > 2023 > November > DarkGate and Pikabot malware emerge as Qakbot’s successors
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
In a new report by Cofense, researchers explain that the DarkGate and Pikabot campaigns use tactics and techniques similar to previous Qakbot campaigns, indicating that the Qbot threat actors have now moved on to the newer malware botnets.
As Qbot was one of the most pervasive malware botnets distributed through email, and both DarkGate and Pikabot are modular malware loaders with many of the same features as Qbot, this poses a dire risk to the enterprise.
Over the past Summer, there has been a massive increase in malicious emails pushing the DarkGate malware, with the threat actors switching to installing Pikabot as the primary payload in October 2023.
The final payload used in these attacks was the DarkGate malware through September 2023, which was replaced by PikaBot in October 2023.
Microsoft Teams phishing attack pushes DarkGate malware.