The DarkGate and PikaBot phishing campaign is using many of the tactics favored by the notorious and since-shuttered Qakbot operation

Security Boulevard is a leading cybersecurity news and information portal, offering articles, analysis, and insights on cybersecurity threats, vulnerabilities, and best practices. From the latest trends in cyber threats to expert commentary on security technologies and compliance frameworks, Security Boulevard provides resources for security professionals, IT leaders, and business executives seeking to protect their organizations from cyber attacks and data breaches.

Security Boulevard

A phishing campaign using DarkGate and PikaBot malware is employing tactics similar to the previously taken-down QakBot operation. The operators behind the campaign have adopted hijacked email threads, unique URL patterns, and an infection chain that closely resembles what was used by QakBot affiliates. Additionally, the DarkGate campaign has intensified since the takedown of QakBot, posing a high-level threat with the potential for more sophisticated threats like reconnaissance malware and ransomware.

DarkGate and PikaBot Phishing Campaign is Using Qakbot Tactics