About QakBot

QakBot, also known as Qbot, is a sophisticated banking Trojan that has been active since at least 2007. It is primarily designed to steal sensitive financial information, such as banking credentials and personal data, from infected systems.

How it works?

QakBot typically infects systems through phishing emails or malicious downloads. Once it infiltrates a system, it establishes persistence by modifying system settings and registry entries.

It then employs various techniques to evade detection, such as polymorphic code and encryption. QakBot also has the ability to self-propagate within a network, making it particularly dangerous in corporate environments.

What is the target?

QakBot primarily targets financial institutions, including banks and payment processing systems. However, it is not limited to the financial sector and can also compromise personal computers to steal sensitive information from individuals.

Additionally, QakBot has been observed targeting organizations across various industries, including healthcare, manufacturing, and government agencies.

Who created it?

The creators of QakBot are believed to be an organized cybercrime group, although their identity remains largely unknown. They continuously update and evolve the malware to evade detection and enhance its capabilities.

QakBot is often distributed through underground forums and sold as a service to other cybercriminals, highlighting the lucrative nature of the malware economy.

Warning

The information provided on this website is intended for educational purposes only. It should not be used to create, distribute, or execute any malicious software. We strongly condemn the use of malware for illegal or unethical activities.

Malware samples can cause harm to your computer system and compromise your security. Handle these samples with extreme care and only in isolated environments. Do not execute these samples on any system connected to the internet or any network containing sensitive information.

The maintainer and contributors of this repository, both past, present, and future, are not responsible for any loss of data, system damage, or other consequences resulting from the mishandling of the samples provided herein. Caution is advised when testing any file present in this repository.

View Sample on GitHub