Pikabot A Stealthy Backdoor with Ingenious Evasion Tactics

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

Pikabot, a sophisticated backdoor evades analysis with anti-analysis measures like the “sleep” function, uses NtContinue API, employs language-based execution cessation, and shows connections to Qakbot trojan.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.