Lock like a Pro: How Qakbot fuels enterprise ransomware campaigns

Group-IB alerted the world to ProLock.
Now, it’s exposing the threat actor further.

Download white paper

The ProLock ransomware chain emerged in March 2020 as the successor of PwndLocker and has already made its mark, targeting enterprise networks with ransom demands of up to $1 million. Their main tool for initial access is Qakbot, a banking Trojan that has been linked to a recent spike in Big Game Hunting operations.

In this white paper, you’ll learn:

  • The complete tactics, techniques, and procedures (TTPs) of ProLock based on the updated MITRE ATT&CK® matrix
  • How Qakbot evades detection and achieves persistence in a network
  • Previously unknown details on post-exploitation tools used in the threat actor’s recent campaigns

Want to take a deeper dive into ProLock’s unique kill chain? Join the webinar with Oleg Skulkin, Senior Digital Forensics Analyst at Group-IB, to learn more about the ransomware group and its connection to Big Game Hunting.

Download white paper

Please, fill in the form for downloading the white paper

Cookies

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.