14 February 2022  —  Eric Swotinsky
Incident reports

New Qbot variant needs just 30 minutes to steal info

An active threat campaign using the notorious Qbot trojan is stealing sensitive data in just 30 minutes, much more quickly than previously known variants of this malware.

Qbot (also known as Qakbot or Quakbot) typically hides in infected Excel documents, which drop a loader in the form of a DLL on a victim's machine. From there, the malware injects into legitimate processes and is free to steal data.

From document to injection, Acronis Cyber Protect's advanced threat detection engines recognize and stop these malicious behaviors before your data is compromised.