A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its Command-and-Control (C2) network. Microsoft investigators who made the discovery, described it as a low-volume campaign that began on 11 December 2023, and targeted the hospitality industry. Targets received a PDF from a user masquerading as an IRS employee," the investigators posted in a series of posts
