QBot Botnet Uses Defender Windows as bait
Having safety equipment very important today. We have many options at our disposal. Many types of antivirus software, both free and paid, for all systems. Also other types of security tools that are designed to properly protect computers.
Now, if we are talking about a very popular antivirus widespread among users, it is Defender for Windows … This means that if it is used to attack by hackers, it may not arouse suspicion among victims.
What the The QBot botnet does uses a new template to distribute its malware, which uses a fake Defender theme Windows… The goal is to trick the victim into enabling macros in the Excel file.
If a victim activates macros in this file, they can launch a threat and steal credentials and passwords. An issue that we see is jeopardizing our privacy and security. It can also provide remote access to install ransomware.
Victims are usually infected Qbot through other malware or phishing campaigns using various decoys, including fake accounts, banking and payment information, scanned documents or invoices. Along with these malicious emails, there are Excel files. Once opened, they will ask users to include content. In this case, our computer can become infected.
Defender Template Windows like bait
To trick the victim, they use document templates … These templates usually come from legitimate organizations or from our own system. Now, in the case of QBot, it uses the Defender template Windowsto gain the victim’s trust.
This template is for notification from popular Microsoft antivirus … What users will learn from this widespread use. Then they will see that they need to allow the content to read information from this file. As a Protector Windowssoftware, which in theory should be reliable, they trust it and open it.
The problem is that inclusion of this content when the malware is launched. This is where security issues arise that put our team at risk.
All this makes it very important to know how to detect these types of malicious files. Common sense must be present more than ever, without mistakes that could jeopardize us. It is important not only to have a good antivirus, but also to have the latest updates on our computers to eliminate possible vulnerabilities.