Tag: banking trojan
There is no cease-fire in the continuing battle against malware. Qbot, a banking trojan malware active since 2008, is back in business with new functions and new stealth capabilities. In the past 12 years, this malware has gone by a handful of names, including Qakbot and Pinkslipbot. Despite all the variations and evolutions, Qbot’s main…
Read MoreThe IcedID malware, also known as Bokbot, is a banking trojan first discovered in 2017 that steals credentials by tricking browser functions into redirecting traffic. It is a stealthy, fileless malware with anti-sandbox capabilities. Previously, F5 Labs analyzed IcedID decompression methods for web injecting relevant files into a target list. This is a much deeper…
Read MoreMaliBot’s C2 IP has been used in other malware smishing campaigns since June 2020, which raises questions about how the authors of this malware are related to other campaigns (see Campaign Screenshots). How MaliBot Works Android ‘packers’ are becoming increasingly popular with malware developers since they allow native code to be encrypted within the mobile…
Read More