The (D)Evolution of Pikabot [Wednesday, February 14, 2024]

Pikabot is a malware loader that was first observed in early 2023 and became very active following the takedown of Qakbot in August 2023. In Decemb...
The (D)Evolution of Pikabot [Wednesday, February 14, 2024]
The (D)Evolution of Pikabot

The (D)Evolution of Pikabot

Description :
Pikabot is a malware loader that was first observed in early 2023 and became very active following the takedown of Qakbot in August 2023. In December 2023, Pikabot activity ceased, possibly as a result of a new version of Qakbot that emerged. In February 2024, a new version of Pikabot was released with significant changes. The malware continues to pose a significant cyber threat and is in constant development, although the developers have decreased the complexity level of Pikabot's code by removing advanced obfuscation features.

Published Created Modified
2024-02-14 09:20:02 2024-02-14 09:20:02 2024-02-14 10:01:00

Tags

Indicators

IPv4s : URLs : Malwares :
  • QuackBot
  • Pinkslipbot
  • QakBot - S0650
  • Pikabot
  • QBot
  • Cobalt Strike - S0154
Hashes :
  • ca5fb5814ec62c8f04936740aabe2664b3c7d036203afbd8425cd67cf1f4b79d
  • 555687ca3149e23ee980a3acf578e0572da556cf34c87aecf48596834d6b496f
Intrusion set :
  • BlackBasta
Location :
  • Russian Federation
  • Ukraine
MITRE ATT&CK Techniques : Other observables :
  • Manufacturing
  • Technology

External References

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.