Close Menu
Read Us 24×7
    What's Hot
    SOA OS23

    SOA OS23: The Future Blueprint for Scalable, Agile Digital Systems

    May 29, 2025
    Inter vs. Estrella Roja

    Inter vs. Estrella Roja: Full Match Guide and Detailed Stats

    May 29, 2025
    VCWeather

    VCWeather.org: The New Face of Hyperlocal Weather Reporting

    May 28, 2025
    Facebook X (Twitter) Instagram Pinterest LinkedIn
    Trending
    • SOA OS23: The Future Blueprint for Scalable, Agile Digital Systems
    • Inter vs. Estrella Roja: Full Match Guide and Detailed Stats
    • VCWeather.org: The New Face of Hyperlocal Weather Reporting
    • Baltimore Orioles vs San Francisco Giants Match Player Stats
    • Benefits of Sukanya Samriddhi Yojana for Savings
    • 10 Best Automated Penetration Testing Tools
    • 7 Best Backlit Keyboards for Every Budget
    • Top 11 “Best Buy” Alternatives for Your Electronics Needs in 2025
    Facebook X (Twitter) Instagram Pinterest LinkedIn
    Read Us 24×7
    • Home
    • Technology
      SOA OS23

      SOA OS23: The Future Blueprint for Scalable, Agile Digital Systems

      May 29, 2025
      VCWeather

      VCWeather.org: The New Face of Hyperlocal Weather Reporting

      May 28, 2025
      Best Automated Penetration Testing Tools

      10 Best Automated Penetration Testing Tools

      May 13, 2025
      Backlit Keyboards

      7 Best Backlit Keyboards for Every Budget

      May 12, 2025
      Dark Oxygen

      Dark Oxygen: Redefining Our Understanding of Oxygen Production in the Deep Ocean

      May 9, 2025
    • Business
      Sukanya Samriddhi Yojana

      Benefits of Sukanya Samriddhi Yojana for Savings

      May 13, 2025
      7 Smart Ways to Earn Extra Money in 2025

      7 Smart Ways to Earn Extra Money in 2025

      May 10, 2025

      A Deeper Look at What It Is Like Working at a Prop Firm

      May 1, 2025
      FintechZoom.IO

      FintechZoom.IO: Revolutionizing Fintech in 2025

      April 7, 2025
      Crypto Management

      Unhosted: Revolutionizing Crypto Management with Advanced Wallet Technology

      March 20, 2025
    • Entertainment
      YouTube Audio Downloader

      YouTube Audio Downloader: Your Music Liberation Tool 🎵

      May 9, 2025
      Firestick

      10 Amazing Benefits of Owning a Firestick You Need to Know

      April 24, 2025
      nhentainet

      nhentai.net – Why It’s Attracting Global Attention?

      April 20, 2025
      chatgpts-ghibli-art-generator-goes-viral-why-is-everyone-obsessed

      ChatGPT’s Ghibli Art Generator Goes Viral – Why is Everyone Obsessed?

      March 29, 2025
      Taylor Swift's Producer Suggests New Album on the Horizon

      Taylor Swift’s Producer Suggests New Album on the Horizon

      March 28, 2025
    • Lifestyle
    • Travel
    • Tech Q&A
    Read Us 24×7
    Home » QakBot Malware Returns with New Phishing Tactics, Targets Hospitality Industry
    Technology

    QakBot Malware Returns with New Phishing Tactics, Targets Hospitality Industry

    Sayan DuttaBy Sayan DuttaDecember 19, 20235 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Reddit Email WhatsApp
    QakBot Malware Returns with New Phishing Tactics, Targets Hospitality Industry
    Share
    Facebook Twitter LinkedIn Pinterest Email Reddit WhatsApp

    QakBot, a notorious banking trojan that has been around for more than a decade, has recently resurfaced with a new wave of phishing campaigns that target the hospitality industry. The malware is capable of stealing sensitive information, such as banking credentials, passwords, and personal data, from infected devices. It can also deliver additional malware, such as ransomware, to further compromise the security of the victims. This article will explore the return of QakBot malware, its new tactics in phishing campaigns, and the impact on cybersecurity governance.

    The Return of QakBot Malware

    What is QakBot?

    QakBot, also known as Qbot or Pinkslipbot, is a sophisticated banking trojan that was first discovered in 2009. It is designed to steal financial information, such as online banking credentials, credit card numbers, and transaction details, from infected computers. It can also collect other types of information, such as email addresses, passwords, browser history, and cookies. QakBot uses a modular architecture that allows it to update itself and download new features. It can also spread to other devices on the same network by exploiting vulnerabilities or using stolen credentials.

    Previous Disruptions

    QakBot has been involved in several high-profile cyberattacks over the years. In 2017, it was linked to a massive campaign that infected over 500,000 devices and caused millions of dollars in losses. In 2020, it was used to deliver ProLock and Egregor ransomware to several organizations, including the City of Florence in Alabama and the Kmart retail chain. In 2021, it was observed to be working with Emotet, another notorious banking trojan, to launch coordinated attacks on multiple sectors.

    New Tactics in Phishing Campaigns

    Targeting the Hospitality Industry

    In 2023, QakBot has returned with a new series of phishing campaigns that target the hospitality industry, such as hotels, resorts, and restaurants. The attackers use spoofed emails that appear to be from legitimate sources, such as booking platforms, travel agencies, or customers. The emails contain malicious attachments or links that claim to be invoices, receipts, reservations, or confirmations. Once the user opens the attachment or clicks on the link, QakBot is downloaded and executed on the device.

    Capability to Harvest Sensitive Information

    QakBot is able to harvest sensitive information from infected devices by using various techniques, such as keylogging, screen capturing, web injection, and form grabbing. It can also monitor the clipboard and steal data that is copied or pasted. The stolen information is then encrypted and sent to the attackers’ command and control servers. The attackers can use the information to conduct fraudulent transactions, identity theft, or blackmail.

    Delivery of Additional Malware

    QakBot can also deliver additional malware to the infected devices by using its modular architecture and network propagation capabilities. It can download and execute other malicious payloads, such as ransomware, spyware, or rootkits, that can further damage the security and functionality of the devices. For example, QakBot can deliver ransomware that encrypts the files and demands a ransom for their decryption. It can also deliver spyware that monitors the activities and communications of the users. It can also deliver rootkits that hide the presence and activities of the malware.

    The Impact on Cybersecurity Governance

    The resurgence of QakBot malware poses a serious threat to the cybersecurity governance of the hospitality industry. The industry needs to take proactive measures to prevent, detect, and respond to the attacks, as well as comply with the relevant regulations and standards.

    Understanding Disclosure Requirements

    The hospitality industry needs to understand the disclosure requirements that apply to them in case of a data breach or a cyberattack. Depending on the jurisdiction, the industry may need to notify the affected customers, the regulators, the law enforcement, or the public about the incident. The industry also needs to follow the guidelines and procedures for reporting the incident, such as the format, the content, the timing, and the frequency of the notifications.

    Immediate Reporting Obligations

    The hospitality industry needs to fulfill their immediate reporting obligations in case of a data breach or a cyberattack. The industry needs to report the incident to the relevant authorities as soon as possible, without undue delay. The industry also needs to provide the necessary information and evidence to support the investigation and the mitigation of the incident, such as the scope, the impact, the cause, and the response to the incident.

    Enhanced Annual Reporting

    The hospitality industry needs to enhance their annual reporting on their cybersecurity practices and performance. The industry needs to disclose their cybersecurity policies, procedures, and controls, as well as their cybersecurity risks, incidents, and outcomes. The industry also needs to demonstrate their compliance with the applicable regulations and standards, such as the General Data Protection Regulation (GDPR), the Payment Card Industry Data Security Standard (PCI DSS), or the ISO 27001.

    Enforcement and Compliance

    The hospitality industry needs to be prepared for the enforcement and compliance actions that may result from a data breach or a cyberattack. The industry may face legal actions, fines, penalties, sanctions, or lawsuits from customers, regulators, law enforcement, or the public. The industry also needs to implement corrective actions, remediation measures, and improvement plans to address the issues and prevent the recurrence of the incident.

    Share. Facebook Twitter Pinterest LinkedIn Email Reddit WhatsApp
    Previous ArticleGoogle Play Store Introduces Remote App Uninstallation Feature Across Android Devices
    Next Article UNC Basketball Legend Eric Montross, Dies at 52 After Cancer Struggle
    Avatar for Sayan Dutta
    Sayan Dutta
    • Website
    • Facebook
    • X (Twitter)
    • Pinterest
    • Instagram
    • LinkedIn

    I am glad you came over here. So, you want to know a little bit about me. I am a passionate digital marketer, blogger, and engineer. I have knowledge & experience in search engine optimization, digital analytics, google algorithms, and many other things.

    Related Posts

    SOA OS23
    Technology

    SOA OS23: The Future Blueprint for Scalable, Agile Digital Systems

    May 29, 2025
    VCWeather
    Technology

    VCWeather.org: The New Face of Hyperlocal Weather Reporting

    May 28, 2025
    Best Automated Penetration Testing Tools
    Technology

    10 Best Automated Penetration Testing Tools

    May 13, 2025

    Table of Contents

    • The Return of QakBot Malware
      • What is QakBot?
      • Previous Disruptions
    • New Tactics in Phishing Campaigns
      • Targeting the Hospitality Industry
      • Capability to Harvest Sensitive Information
      • Delivery of Additional Malware
    • The Impact on Cybersecurity Governance
      • Understanding Disclosure Requirements
      • Immediate Reporting Obligations
      • Enhanced Annual Reporting
      • Enforcement and Compliance

    Top Posts

    SOA OS23

    SOA OS23: The Future Blueprint for Scalable, Agile Digital Systems

    May 29, 2025
    Inter vs. Estrella Roja

    Inter vs. Estrella Roja: Full Match Guide and Detailed Stats

    May 29, 2025
    VCWeather

    VCWeather.org: The New Face of Hyperlocal Weather Reporting

    May 28, 2025
    baltimore-orioles-vs-san-francisco-giants-match-player-sats

    Baltimore Orioles vs San Francisco Giants Match Player Stats

    May 28, 2025
    Popular in Social Media
    Anon IG Viewer

    Anon IG Viewer: Best Anonymous Viewer for Instagram

    April 3, 2025
    CFBR

    How to Use CFBR Appropriately? (Pros and Cons)

    September 24, 2024
    EU to Get WhatsApp, Messenger Interoperability with iMessage, Telegram and More

    EU to Get WhatsApp, Messenger Interoperability with iMessage, Telegram and More

    September 9, 2024
    New in Health
    9 Reasons Why People in Their 40s Should Take Daily Supplements

    9 Reasons Why People in Their 40s Should Take Daily Supplements

    April 8, 2025
    Why Put Your Tampons In The Freezer

    Why Put Your Tampons In The Freezer? (Answered)

    November 26, 2024
    WellHealthOrganic Buffalo Milk Tag

    WellHealthOrganic Buffalo Milk Tag: Unveiling Nutritional Brilliance

    November 13, 2024

    google news

    google-play-badge

    Protected by Copyscape

    DMCA.com Protection Status

    Facebook X (Twitter) Instagram Pinterest
    • Terms of Service
    • Privacy Policy
    • Contact Us
    • About
    • Sitemap
    Copyright © 2025 - Read Us 24x7

    Type above and press Enter to search. Press Esc to cancel.