By malware standards, the banking trojan Qbot is long in the tooth, but it still has some bite, according to researchers who say it has added some detection and research evasion techniques to its arsenal.

"It has a new packing layer that scrambles and hides the code from scanners and signature-based tools," wrote Doron Voolf, malware analyst at F5 Labs (part of F5 Networks), in a recent company blog post. "It also includes anti-virtual machine techniques, which helps it resist forensic examination."

F5 Labs discovered the new additions while analyzing a Qbot sample that was detected earlier this year. Active since 2008, Qbot is designed to collect victims' browsing activity and steal their bank account credentials via keylogging, credential theft, cookie exfiltration, and process hooking, Voolf notes.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.