Qakbot hackers are still spamming victims despite FBI takedown

The hackers behind Qakbot, a malware operation previously “dismantled” by the FBI, are reportedly still active and targeting new victims, according to Cisco Talos. Following the bureau’s August crackdown on Qakbot, the hackers have been reported to be distributing Ransom Knight ransomware and the Remcos remote access trojan while infecting victims with RedLine and Darkgate malware. The malware threat remains active and the spam delivery infrastructure remains unaffected by the FBI’s action, says Talos.