Skip to main content

Persistent Banking Trojan Virus Launches New Phishing Scam

By May 13, 2019May 21st, 2021Cybersecurity

The venerable banking Trojan known as Q-bot is back in the news, having recently been spotted in the wild as part of a sophisticated new phishing campaign designed to claim a new generation of victims.

Q-bot is one of the oldest banking Trojans still in use, and has a history that stretches back more than a decade.

In this most recent incarnation, the malware is being delivered via an email which appears to be a reply to an existing email chain.  The body of the email contains a poisoned link which, if clicked will install the malware in the background.

Once in place, it creates a backdoor to the compromised machine in question, allowing hackers access any time they like.  It also serves as a key logger and general spy. It can steal financial data, banking data, other logins, credentials, and of course, makes it possible for the hackers to install additional malware as they see fit.

The reason Q-bot is still enjoying use of stolen data is that it’s very good at what it does, and the developers of the code have taken steps to keep it up to date.  This, combined with finding new and innovative ways of introducing the Trojan onto target systems has made it as close to a persistent threat as we’ve seen when it comes to malicious code.

The latest campaign appears to borrow from the success of a similar campaign launched last year involving a Trojan with comparable functionality called Emotet.

This serves as confirmation that different hacking groups around the world are learning from one another, comparing notes, and developing an increasingly robust set of best practices. All this makes it increasingly more difficult to effectively defend against such threats.  Stay vigilant and be sure to remind your employees never to open emails or click links inside emails, even if they appear to be from a trusted source.

Jason Manteiga

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.

Leave a Reply