New Latrodectus loader steps in for Qbot

New (down)loader malware called Latrodectus is being leveraged by initial access brokers and it looks like it might have been written by the same developers who created the IcedID loader. Malware delivery campaigns “[Latrodectus] was first observed being distributed by TA577, an IAB known as a prolific Qbot distributor prior to the malware’s disruption in 2023. TA577 used Latrodectus in at least three campaigns in November 2023 before reverting to Pikabot,” Proofpoint and Team Cymru … More →

The post …

access brokers called campaigns delivery developers distributed distributor don't miss down hot stuff iab icedid initial access initial access broker initial access brokers latrodectus loader malware malware delivery proofpoint qbot ta577 team cymru written