The Problem with Hackers

On June 10, Kroll’s Cyber Risk team published that there is an increasing tendency of hackers to use the Qakbot trojan, or Qbot. Cybercriminals are using Qbot to launch email thread hijacking projects which they then use to send ransomware attacks.

Based on the Kroll report, the banking trojans seem to be the most commonly used in the launch of these ransomware attacks. The criminals seek to steal financial data as elaborated analysts from Kroll, Training Alliance, and National Cyber-Forensics. They also target other industries including media, education, and academia.

Hackers Turn To Trojans And YouTube To Swindle Unsuspecting Victims 1

The health care sector has also become vulnerable due to the rapid spread of the COVID-19 pandemic. The trojans are commonly used as the entry point by the ProLock ransomware gang members. These hackers succeed since they use highly sophisticated phishing structures that the common users do not easily detect.

Coinbase 4

Qakbot Trojan Attack Strategies

Qakbot is described as a banking trojan and it has been active for at least 10 years, according to Kroll. It primarily relies on brute force attacks, keyloggers, windows account credential theft, and authentication cookie grabbers, among many other strategies.

One of the authors of this research was Laurie Iacono. Laurie works as the vice president of Kroll’s cyber risk team. She commented on the reasons why hackers are relying on trojans like Qakbot to issue these ransomware attacks:

“The ultimate reason is to maximize their profits. Within the past 18 months, Kroll has observed multiple cases where a trojan infection is the first step of a multi-phased attack—hackers infect a system; find a way to escalate privileges, conduct reconnaissance, steal credentials (and sometimes sensitive data); and then launch a ransomware attack from an access level where it can do the most damage. They can make money on the ransom payment and potentially on the sale of stolen data and credentials;—plus the stolen data helps force infected companies to pay the ransom.”

Hackers Turn To Trojans And YouTube To Swindle Unsuspecting Victims 2

The research’s co-author who is also the vice president of Kroll’s cyber risk department, Cole Manaster, said that there is an evolution in the way these thread hijacking attacks are deployed. He explained:

“Criminals are aware of the increasing cybersecurity training across email users and are producing more sophisticated, and authentic-looking phishing lures.”

Cybercrimes Increase Amid COVID-19

On the other hand, Iacono stated that the use of bank trojans by ransomware gangs is common. She gave an example of the Ryuk attacks that are preceded by the launch of the Emotet trojan. The DoppelPaymer attacks are another common form of attacks that normally precede Trickbot injections.


Since more workers remain at home due to the health crisis, the researchers identified:

“an uptick in attacks exploiting vulnerabilities in remote work applications such as the Citrix exploit.”

Reports emerged on May 17 that the ProLock gang is using the Qakbot banking trojan frequently to launch attacks. After launching successful attacks, the gang asks its victims for six-figure USD ransoms. These ransoms are paid in Bitcoin (BTC) to decrypt the files.

Phony SpaceX YouTube Channels Dupe Victims

Scammers have also found a haven on YouTube. The latest reports indicate that these criminals managed to con viewers into sending them a cumulative 15.31 BTC worth about $150,000. They used the usual ‘free giveaway’ trick. The crypto scammers impersonated SpaceX YouTube accounts and hosted several fictitious Bitcoin giveaways.

Bleeping Computer

Several scammers hacked legitimate accounts on YouTube, according to a June 9 report on Bleeping Computer. They changed the branding and content to extensively imitate that of Elon Musk’s SpaceX channel.

The channels broadcasted archived footage of Elon as if it was happening live and urged viewers to send Bitcoin. At least 80,000 people watched the phony live event that earned the scammers 15.31 BTC since June 8. One bitcoin address got 84 donations that totaled 11.23 BTC while another one received 29 transactions for 4.08 BTC.

Musk is aware that scammers are using his name to perpetrate their heinous acts. In February, the CEO tweeted:

“the crypto scam level on Twitter is reaching new levels and users should report such fakes as soon as they see them.”

But, sending reports is not enough for various platforms. Tenable reported in February that:

“there has been a perpetual cat-and-mouse game between Twitter and cryptocurrency scammers and the latter continue to modify their tactics to get BTC from unsuspecting victims.”

Scammers know how to detect profitable trends like impersonating Musk. Thus, experts advise investors and users to do thorough background checks on any project that they want to invest their funds in.

Hackers Turn To Trojans And YouTube To Swindle Unsuspecting Victims 3
About the author

Wanguba Muriuki is an Editor at Large for E-Crypto News and author of the book- "The Exploitative Intrigues of Cryptocurrency Scams Explained." He is also a passionate creator who sees every aspect of life from a written perspective. He loves Blockchain, Cryptocurrency, Technology, and Traveling. He is a widely experienced creative and technical writer. Everything and everyone is describable. The best description is written.

Related Posts


E-Crypto News Executive Interviews


Bitcoin (BTC) $ 41,603.00
Ethereum (ETH) $ 2,463.23
Tether (USDT) $ 0.998285
Binance Coin (BNB) $ 333.12
Cardano (ADA) $ 1.31
XRP (XRP) $ 0.752829
Dogecoin (DOGE) $ 0.210436
USD Coin (USDC) $ 0.999681
Polkadot (DOT) $ 16.41
Binance USD (BUSD) $ 0.999884
bitcoinBitcoin (BTC)
$ 41,603.00
ethereumEthereum (ETH)
$ 2,463.23
tetherTether (USDT)
$ 0.998285
bitcoin-cashBitcoin Cash (BCH)
$ 544.95
litecoinLitecoin (LTC)
$ 143.76
bitcoinBitcoin (BTC)
ethereumEthereum (ETH)
tetherTether (USDT)
bitcoin-cashBitcoin Cash (BCH)
litecoinLitecoin (LTC)
bitcoinBitcoin (BTC)
ethereumEthereum (ETH)
tetherTether (USDT)
bitcoin-cashBitcoin Cash (BCH)
litecoinLitecoin (LTC)

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Hacks and Scam
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021
What Role Do Cryptocurrencies Play In The Era Of Ransomware Attacks?
June 9, 2021
Crypto Scams On The Rise As Market Enters Bull Cycle
Crypto Scams On The Rise As Market Enters Bull Cycle
December 22, 2020
Harpreet Singh Sahni perpetrated the Plus Gold Union Coin (PGUC) scam
Sydney Concert Promoter Harpreet Sahni Involved In $50M Crypto PGUC Scam
November 2, 2020

Blockchain/Cryptocurrency Questions and Answers

Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021
What Is Solana (SOL) And How Does It Work?
June 26, 2021
What Is Plethori Platform And How Does It Work?
June 12, 2021

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin41,575 0.44 % 7.29 % 24.27 %
Ethereum2,456.9 0.35 % 4.99 % 16.05 %
Tether1.000 0.21 % 0.05 % 0.20 %
Binance Coin332.16 0.23 % 7.32 % 11.60 %
Cardano1.310 0.78 % 3.82 % 8.75 %
XRP0.7517 0.17 % 4.07 % 23.34 %
Dogecoin0.2095 0.70 % 4.34 % 8.18 %
USD Coin0.9992 0.13 % 0.05 % 0.16 %
Polkadot16.31 0.80 % 11.31 % 22.15 %
Binance USD0.9984 0.18 % 0.05 % 0.56 %

Bitcoin (BTC) $ 41,209.00
Ethereum (ETH) $ 2,441.19
Tether (USDT) $ 0.999312
Binance Coin (BNB) $ 327.79
Cardano (ADA) $ 1.30
XRP (XRP) $ 0.740199
USD Coin (USDC) $ 0.999534
Dogecoin (DOGE) $ 0.206870
Polkadot (DOT) $ 16.28
Binance USD (BUSD) $ 0.999094