Nasty email hack can steal your personal data — what to do

(Image credit: Shutterstock)

A particularly persistent strain of malware has once again reared its ugly caput, and this time it's got a new handbag of tricks, reports Israeli security firm Bank check Point.

Qbot, too known every bit Qakbot or Pinkslipbot, started out as a banking Trojan around 2008. Only in the malware world, successful malware doesn't die — it evolves.

Isn't this ironic: Peak cybersecurity firm falls prey to phishing attack
The best identity-theft protection software to keep your personal information prophylactic
Just in: Nearly 28,000 printers 'hacked' over the net: What to practice

Check Point says Qbot has now partnered up with Emotet, a younger only similarly notorious problems, to send phishing emails, steal passwords and credit-card numbers, install ransomware and even insert faux emails into ongoing email conversations.

"The threat actors backside Qbot are investing heavily in its development to enable data theft on a massive calibration from organizations and individuals," said Yaniv Balmas, Check Point'south head of cyber research, in a printing statement.

"For now, I strongly recommend people to watch their emails closely for signs that indicate a phishing attempt — fifty-fifty when the e-mail appears to come from a trusted source," Balmas added.

Another way to avoid infection past Qbot is to run the best antivirus software. Not only will good antivirus scanners spot and finish the malware, merely some strains of Qbot check for the presence of antivirus software on a estimator and cease their activity if it'due south detected.

A malware Swiss Army pocketknife

To be fair, this isn't the commencement time Qbot has snuck phishing emails into ongoing threads, or even come packaged every bit an Emotet payload. Our friends at Bleeping Calculator reported on Qbot doing both back in April 2019, based on a security-firm report that no longer seems to be available online.

So equally now, the infection comes in the form of a spear-phishing email tailored to the recipient. In the body of the email is a link to a document the recipient "needs" to see, purporting to be a resume, business document, tax grade or, in the well-nigh recent campaigns, data about COVID-19.

If you click on that link, y'all'll download a .Nix file that, if you lot're running Windows, will launch a Visual Basic script to download yet more than malware. That malware will in turn check to meet if you lot're running Microsoft Outlook. If then, it volition upload many of your electronic mail threads to criminal servers and then that they can exist hijacked with yet more phishing emails.

The malware can also hijack your online banking sessions even when you're logged in, Bank check Point said. The business firm estimates that nearly 100,000 machines have been infected since March, with the largest number of infections occurring in the United States.

Other strains of Qbot have been spotted hiding in booby-trapped Word documents, corrupting WordPress blogs to infect readers, embedding themselves in the Windows Registry so that they run upon system startup, hijacking Windows' own file-manager awarding and locking users out of their accounts.

Some variants even change their code three or 4 times a twenty-four hours to avert being easily detected by antivirus software. For these reasons, the Cheque Point study says, Qbot "has go the malware equivalent of a Swiss Ground forces knife."

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry melt, long-haul driver, code monkey and video editor. He'south been rooting around in the information-security space for more xv years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown upward in random Telly news spots and fifty-fifty chastened a console give-and-take at the CEDIA dwelling house-technology conference. Y'all can follow his rants on Twitter at @snd_wagenseil.