Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Also known as: Gold Lagoon, GOLD LAGOON
First documented in 2008, Qbot (aka QuakBot, QakBot, or Pinkslipbot) has evolved over the years from an information stealer to a 'Swiss Army knife' adept in delivering other kinds of malware, including Prolock ransomware, and even remotely connect to a target's Windows system to carry out banking transactions from the victim's IP address. Attackers usually infect victims using phishing techniques to lure victims to websites that use exploits to inject Qbot via a dropper. QakBot has been observed to be distributed by Emotet (operated by Mummy Spider, TA542 ).
No exploited CVEs have been attributed to this threat actor yet.
Browse CVE Database