Security News > 2024 > February > New Qbot malware variant uses fake Adobe installer popup for evasion
One of the variants observed uses on Windows a fake installer for an Adobe product to trick the user into deploying the malware.
Sophos' Advanced Threat Response Joint Task Force, or Sophos X-Ops for short, noticed fresh Qbot activity recently, with up to 10 new malware builds emerging since mid-December.
The new developments regarding Qbot have also been noticed by researchers at cloud security company Zscaler, who published in late January a technical report about the malware and its evolution since 2008.
Qakbot presents a misleading popup suggesting Adobe Setup is running on the system, to trick users with bogus installation prompts that launch the malware regardless of what is clicked.
Qbot malware returns in campaign targeting hospitality industry.
Google: Russian FSB hackers deploy new Spica backdoor malware.