The Problem with Hackers

On June 10, Kroll’s Cyber Risk team published that there is an increasing tendency of hackers to use the Qakbot trojan, or Qbot. Cybercriminals are using Qbot to launch email thread hijacking projects which they then use to send ransomware attacks.

Based on the Kroll report, the banking trojans seem to be the most commonly used in the launch of these ransomware attacks. The criminals seek to steal financial data as elaborated analysts from Kroll, Training Alliance, and National Cyber-Forensics. They also target other industries including media, education, and academia.

Hackers Turn To Trojans And YouTube To Swindle Unsuspecting Victims 1

The health care sector has also become vulnerable due to the rapid spread of the COVID-19 pandemic. The trojans are commonly used as the entry point by the ProLock ransomware gang members. These hackers succeed since they use highly sophisticated phishing structures that the common users do not easily detect.

Qakbot Trojan Attack Strategies

Qakbot is described as a banking trojan and it has been active for at least 10 years, according to Kroll. It primarily relies on brute force attacks, keyloggers, windows account credential theft, and authentication cookie grabbers, among many other strategies.

One of the authors of this research was Laurie Iacono. Laurie works as the vice president of Kroll’s cyber risk team. She commented on the reasons why hackers are relying on trojans like Qakbot to issue these ransomware attacks:

“The ultimate reason is to maximize their profits. Within the past 18 months, Kroll has observed multiple cases where a trojan infection is the first step of a multi-phased attack—hackers infect a system; find a way to escalate privileges, conduct reconnaissance, steal credentials (and sometimes sensitive data); and then launch a ransomware attack from an access level where it can do the most damage. They can make money on the ransom payment and potentially on the sale of stolen data and credentials;—plus the stolen data helps force infected companies to pay the ransom.”

Hackers Turn To Trojans And YouTube To Swindle Unsuspecting Victims 2

The research’s co-author who is also the vice president of Kroll’s cyber risk department, Cole Manaster, said that there is an evolution in the way these thread hijacking attacks are deployed. He explained:

“Criminals are aware of the increasing cybersecurity training across email users and are producing more sophisticated, and authentic-looking phishing lures.”

Cybercrimes Increase Amid COVID-19

On the other hand, Iacono stated that the use of bank trojans by ransomware gangs is common. She gave an example of the Ryuk attacks that are preceded by the launch of the Emotet trojan. The DoppelPaymer attacks are another common form of attacks that normally precede Trickbot injections.


Since more workers remain at home due to the health crisis, the researchers identified:

“an uptick in attacks exploiting vulnerabilities in remote work applications such as the Citrix exploit.”

Reports emerged on May 17 that the ProLock gang is using the Qakbot banking trojan frequently to launch attacks. After launching successful attacks, the gang asks its victims for six-figure USD ransoms. These ransoms are paid in Bitcoin (BTC) to decrypt the files.

Phony SpaceX YouTube Channels Dupe Victims

Scammers have also found a haven on YouTube. The latest reports indicate that these criminals managed to con viewers into sending them a cumulative 15.31 BTC worth about $150,000. They used the usual ‘free giveaway’ trick. The crypto scammers impersonated SpaceX YouTube accounts and hosted several fictitious Bitcoin giveaways.

Bleeping Computer

Several scammers hacked legitimate accounts on YouTube, according to a June 9 report on Bleeping Computer. They changed the branding and content to extensively imitate that of Elon Musk’s SpaceX channel.

The channels broadcasted archived footage of Elon as if it was happening live and urged viewers to send Bitcoin. At least 80,000 people watched the phony live event that earned the scammers 15.31 BTC since June 8. One bitcoin address got 84 donations that totaled 11.23 BTC while another one received 29 transactions for 4.08 BTC.

Musk is aware that scammers are using his name to perpetrate their heinous acts. In February, the CEO tweeted:

“the crypto scam level on Twitter is reaching new levels and users should report such fakes as soon as they see them.”

But, sending reports is not enough for various platforms. Tenable reported in February that:

“there has been a perpetual cat-and-mouse game between Twitter and cryptocurrency scammers and the latter continue to modify their tactics to get BTC from unsuspecting victims.”

Scammers know how to detect profitable trends like impersonating Musk. Thus, experts advise investors and users to do thorough background checks on any project that they want to invest their funds in.

About the author

Wanguba Muriuki is an Editor at Large for E-Crypto News and author of the book- "The Exploitative Intrigues of Cryptocurrency Scams Explained." He is also a passionate creator who sees every aspect of life from a written perspective. He loves Blockchain, Cryptocurrency, Technology, and Traveling. He is a widely experienced creative and technical writer. Everything and everyone is describable. The best description is written.

Related Posts

E-Crypto News Executive Interviews

Crypto Scams

Cryptosoft Trading Bot Review
June 27, 2022
The Largest Crypto Scams Of 2022 (So Far)
The Largest Crypto Scams Of 2022 (So Far)
June 14, 2022
How Do Scammers Entice Their Prey?
May 10, 2022
Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
Beanstalk Farms Loses $80M In A Massive DeFi Governance Flash-Loan Hack
April 23, 2022
Joon Pak Head of Crypto at Prove talks to Us about Crypto Fraud And More
April 11, 2022

Automated trading with HaasBot Crypto Trading Bots

Blockchain/Cryptocurrency Questions and Answers

Roundtable Interview-What is the Effect of The Russia-Ukraine War on Cryptocurrency Prices?
March 4, 2022
How Does Bitcoin Casino Work + 2021 Beginner’s Guide
November 8, 2021
How to Buy and Sell Cryptocurrency
November 8, 2021
What Are Bitcoin Futures And How Will They Work In 2022?
November 4, 2021
The Unconventional Guide to Ethereum
October 28, 2021

CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin20,754 0.01 % 2.07 % 1.16 %
Ethereum1,188.9 0.12 % 2.26 % 5.61 %
Tether1.001 0.10 % 0.09 % 0.04 %
USD Coin1.001 0.02 % 0.15 % 0.18 %
BNB234.34 0.17 % 1.22 % 9.11 %
Binance USD1.002 0.01 % 0.41 % 0.00 %
XRP0.3544 0.25 % 2.38 % 8.83 %
Cardano0.4881 0.28 % 2.95 % 0.88 %
Solana38.53 0.13 % 3.74 % 12.69 %
Dogecoin0.07230 1.46 % 1.90 % 19.40 %

Bitcoin (BTC) $ 20,777.00
Ethereum (ETH) $ 1,191.31
Tether (USDT) $ 1.00
USD Coin (USDC) $ 1.00
BNB (BNB) $ 234.85
Binance USD (BUSD) $ 1.00
XRP (XRP) $ 0.353913
Cardano (ADA) $ 0.48855
Solana (SOL) $ 38.76
Dogecoin (DOGE) $ 0.072422