Multiple sources are confirming the resurgence of Qakbot malware mere months after the FBI and other law enforcement agencies shuttered the Windows botnet.
Microsoft Threat Intelligence reckons a new Qakbot phishing campaign is active as of December 11 but attack attempts are currently low in volume.
The gang targets the hospitality sector, initially using phishing emails containing malicious PDF attachments that they’ve doctored to look like they come from the US Internal Revenue Service (IRS).