top of page
  • Clipeus

After Qbot: DarkGate and PikaBot (?)

Codefense published a temporal analysis correlating the rise in observed DarkGate and PikaBot events with the FBI-led dismantlement of the Qbot infrastructure in late August 2023. According to Codefense, the first DarkGate payloads were observed shortly before the FBI operation, in July 2023. However, since September 2023, the frequency and intensity of these events have considerably increased. Simultaneously, in October 2023, there were reports of a presumed resurgence of Qbot, leading to the hypothesis that the Qbot network may not have been completely eradicated. If the hypothesis of a succession from Qbot to DarkGate and/or PikaBot is confirmed, tracking these two malware variants becomes critical to mitigate the risk of initial intrusion, preventing potential nefarious consequences, including ransomware deployment.


Commenting has been turned off.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to with your inquiry. We would be glad to assist you

bottom of page