By malware standards, the banking trojan Qbot is long in the tooth, but it still has some bite, according to researchers who say it has added some detection and research evasion techniques to its arsenal.
"It has a new packing layer that scrambles and hides the code from scanners and signature-based tools," wrote Doron Voolf, malware analyst at F5 Labs (part of F5 Networks), in a recent company blog post. "It also includes anti-virtual machine techniques, which helps it resist forensic examination."
F5 Labs discovered the new additions while analyzing a Qbot sample that was detected earlier this year. Active since 2008, Qbot is designed to collect victims' browsing activity and steal their bank account credentials via keylogging, credential theft, cookie exfiltration, and process hooking, Voolf notes.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.