Loader
Pikabot
First seen: 2023-02 • Status: active
Currently Active Threat
Pikabot is the successor to Emotet. It hijacks email conversations to spread malware.
Overview
Pikabot emerged after Emotet takedown and uses similar email hijacking tactics.
Also Known As
PikaBot
How It Spreads
- • Email thread hijacking
- • Malicious archives
- • Phishing
What It Does
- • Downloads ransomware
- • Cobalt Strike deployment
- • Credential theft
Is your business exposed?
Target Platforms
Windows
Detection Tips
- • Monitor for email thread hijacking
- • Block suspicious archives
MITRE ATT&CK Techniques
T1566, T1059, T1105
If You're Infected
- 1.
Review compromised email accounts
Is your business exposed?
Check if your company data is circulating on the dark web
Free scan • No credit card required