The Qbot banking trojan has dropped the ProLock ransomware in favor of the Egregor ransomware who burst into activity in September. The ProLock has historically worked with Qbot to gain access to compromised networks. The tactics, techniques and procedures (TTPs) are similar to those seen in the past Qakbot s Big Game Hunting operations, according to a new report by Oleg Skulkin, Senior Digital Forensics Analyst at Group-IB a Singapore-based cybersecurity company, has found that Qbot is has stopped distributing ProLock.
Source: https://www.bleepingcomputer.com/news/security/qbot-partners-with-egregor-ransomware-in-bot-fueled-attacks/