Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Botnet Security Privacy IT Technology

BAE Systems Warns About Shape-Shifting Strain of Qbot Malware (computerweekly.com) 20

Warwick Ashford, reporting for ComputerWeekly: Qbot malware will become a potent threat, facilitated by exploit kits for initial infection and automated to gain maximum victim count, warns BAE Systems. The incident response team at BAE Systems is warning of a strain of the virulent Qbot malware that has hit thousands of public sector computers around the world. The malware -- also known as the Qakbot botnet -- first appeared in 2009 and was uploading 2GB of stolen confidential information to its FTP servers each week by April 2010 from private and public sector computers, including 1,100 on the NHS network in the UK. A modified version of the malware has resurfaced that is believed to have infected more than 54,000 PCs in thousands of organisations around the world and added them to its botnet of compromised machines, with 85% of infections in the US.
This discussion has been archived. No new comments can be posted.

BAE Systems Warns About Shape-Shifting Strain of Qbot Malware

Comments Filter:
  • by Anonymous Coward on Tuesday April 12, 2016 @10:31AM (#51892259)

    That's not shape-shifting malware. That's someone releasing a new version of the same malware. Real shape-shifting malware exists, but the term for it is polymorphism. It's been around for decades.

  • by U2xhc2hkb3QgU3Vja3M ( 4212163 ) on Tuesday April 12, 2016 @10:37AM (#51892297)

    They should have named it Odo.

    • by Anonymous Coward

      No, it's not Odo. It's a botnet, which sounds like the Great Link to me. It may be a Founder, but it's not Odo.

  • by Kludge ( 13653 ) on Tuesday April 12, 2016 @10:57AM (#51892505)

    Most of these malware articles are terrible. The articles don't mention the operating system, they don't mention the method or vulnerability being used to propagate. They are mostly useless for an administration who would want to stop such malware.

    • Most of these malware articles are terrible. The articles don't mention the operating system, they don't mention the method or vulnerability being used to propagate. They are mostly useless for an administration who would want to stop such malware.

      If you are going to computerweekly for the information needed to help defend the systems that you administer, you're doing it wring.

    • by fhage ( 596871 )
      It was a polymorphic Ad in the form of an article. An absolute goldmine for buzzword bingo, containing nothing of technical value.

      When I hit the JavaScript wall in front of a PDF download for the "whitepaper", I assumed the malware was confined to BAE supported systems and closed the page.

    • Start of the list of things to block (host-domain names) & cutting javascript-> https://yro.slashdot.org/comme... [slashdot.org] & here are the rest (finally):

      NOPE - can't do it... you can THANK the fools here for restricting my post length or characters per line STUPIDITY FILTERS they put in so you have to get them yourself now... thanks a lot, Logan Abott (you idiot).

      APK

      P.S.=> I feel the same as you do, but I learned you have to dig PAST the 'std. fare' articles in the news many times & go STRAIGHT to

  • Do you mean, yet more malware that only runs on fully patched Microsoft Windows, including the latest version.
  • My only comment is.... @!#?@!

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...