QBot: Phishing Control Panel

According to what emerged recently, the emails of phishing who distribute the malware name of the thing QBot exploit a DLL hijacking bug In the control Board From Windows 10 operating system In order to infect the computers of targeted users, possibly in an attempt to avoid detection by security software used.

QBot works from the Windows 10 Control Panel

QBot, otherwise known as I crouched, is a malware targeting Windows operating systems that started as a banking Trojan and has evolved into a full-fledged malware. Other well-known ransomware, including Black Basta, Egregor, and Prolock, also use malware to gain initial access to corporate networks.

Keep in mind that DLL hijacking is nonetheless an attack technique on Windows, which takes advantage of the way DLLs are loaded into the operating system.

More specifically, when a Windows executable is launched, it looks for any DLL dependencies in the operating system’s search path. However, if the attacker creates a malicious DLL using the same name as one of the DLLs required by the program and stores it in the same folder as the executable file, the program loads the malicious dependency and thus infects the computer.

Although QBot is able to evade any security software used on Windows, it is still a good idea to have a good antivirus installed on the system, as in Norton 360 Premium which is also currently discounted compared to the actual subscription price.

This article contains affiliate links: purchases or orders made through these links will allow our site to earn a commission. Offers may be subject to price changes after publication.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *