The security researcher at security firm McAfee is warning that Qakbot, an old-fashioned cybersecurity banker, is still active. As it remains active even after being deleted from PC.
This Malware Remains Active Even After Being Deleted From PC
Researchers at security firm McAfee are warning that Qakbot, an old-fashioned cybersecurity banker, is still active. In its modern versions, it is much more dangerous because it can remain active even when it has been deleted from the PC.
Qakbot, also known as Pinkslipbot, is a banking trojan that has been active for ten years. The first detection occurred back in 2007 and since then malware has evolved to become a dangerous threat to users as it has the ability to remain active even after it has been deleted from the infected computer.
According to the McAfee report, Qakbot can continue to use infected devices as control servers after it has been deleted by security solutions so that even though its ability to steal data has ceased, it continues to perform malicious actions on the server and equipment.
According to McAfee researchers, the new version of this banking trojan can not only steal victims’ financial data through keyloggers or Man-in-the-Browser attacks but can also download other malicious programs on computers through a back door.
The malware controls a massive botnet consisting of more than 500,000 infected PCs that steal more than half a million records per day. Among the data obtained are names of credit cards, social security numbers, online banking credentials, email passwords, digital certificates, etc.
At the moment, McAfee experts are still unaware of how an infected machine can be converted to a control proxy server. To enable users to check if they are free of this virus, the security company has released a free tool that allows detecting if the malware has turned the computer into a control server and eliminate the threat.
So, what do you think about this dangerous threat? Simply share your views and thoughts in the comment section below.