Lock like a Pro: How Qakbot fuels enterprise ransomware campaigns
Group-IB alerted the world to ProLock.
Now, it’s exposing the threat actor further.
The ProLock ransomware chain emerged in March 2020 as the successor of PwndLocker and has already made its mark, targeting enterprise networks with ransom demands of up to $1 million. Their main tool for initial access is Qakbot, a banking Trojan that has been linked to a recent spike in Big Game Hunting operations.
In this white paper, you’ll learn:
- The complete tactics, techniques, and procedures (TTPs) of ProLock based on the updated MITRE ATT&CK® matrix
- How Qakbot evades detection and achieves persistence in a network
- Previously unknown details on post-exploitation tools used in the threat actor’s recent campaigns
Want to take a deeper dive into ProLock’s unique kill chain? Join the webinar with Oleg Skulkin, Senior Digital Forensics Analyst at Group-IB, to learn more about the ransomware group and its connection to Big Game Hunting.
Download white paper
Please, fill in the form for downloading the white paper