Domber

🔥 About the "QBOT" botnet.

The malicious infrastructure, active since 2007, has survived to this day. But how?

Researchers from Lumen Black Lotus Labs conducted an analysis (https://blog.lumen.com/qakbot-retool-reinfect-recycle/) of the extremely widespread QBot botnet. It turned out that 25% of its C2 servers are active for no more than a day, and 50% are active for no more than a week. This demonstrates the adaptive and dynamic infrastructure of the malware.

By the way, the attackers have constantly improved their tactics over the years to penetrate victims' systems using various methods, such as email hijacking, HTML smuggling, and using unusual attachments to bypass security.

And in just a week, from 70 to 90 new QBot servers appear.

The “dandelion” in the last photo is the botnet infrastructure. Beautiful, isn't it?
 