Windows XP flaws help Russian 'Qbot' gang build 500,000 PC botnet
The Russian gang behind the obscure Qbot botnet have quietly built an impressive empire of 500,000 infected PCs by exploiting unpatched flaws in mainly US-based Windows XP and Windows 7 computers, researchers at security firm Proofpoint have discovered.
A year or two ago, what the Qbot (aka Qakbot) campaign has achieved in the roughly half dozen years the actors behind it have been operating would have been seen as a major concern. Recently, standards have gone up a notch.
These days Russian hackers are grabbing headlines for altogether more serious incursions such as the recently revealed attack on US bank JPMorgan Chase, and botnets sound like yesterday's problem. However, Proofpoint's research does point to an intriguingly sophisticated business model. The group behind the botnet have built it in a methodical way over time, fuelling the campaign at levels low enough to avoid attracting the attention of security firms.