Attacks of the W32.Qakbot worm, which was responsible for a data breach at a Massachusetts labor agency, are on the rise after the author "seeded" newer variants, according to analysis by Symantec.
Infosecurity.Com - Circulating since 2009, the W32.Qakbot malware infects users by exploiting flaws when malicious web pages are visited and spreads through network shared and removable drives. It downloads files, steals information, and opens a back door on the compromised computer, Symatec explained in a recent blog.There was a major wave of Qakbot attacks in April, spiking to well over 200,000 per day on two occasions. Symantec said that the Qakbot attacks peaked after the author “seeded” newer variants to circumvent detection techniques used by security software.
Not coincidently, Massachusetts Executive Office of Labor and Workforce Development was attacked by the Qakbot worm during that period, with the possible compromise of personal information on 210,000 people. While the attack happened in mid-April, the office did not disclose the breach until mid-May. Read More
