The Qbot botnet is spewing U.S. election-themed phishing emails to infect victims with malicious payloads designed to harvest user data and emails for use in future campaigns. The messages come with malicious Excel spreadsheet attachments disguised as secure DocuSign file. Malwarebytes’ J..r..me Segura and Hossein Jazi say the messages are camouflaged as replies in previously stolen email threads, a tactic used to add legitimacy in the targets’ eyes. Qbot has also seen a resurgence last year, being dropped as a first stage or as a second stage malware payload by the Emotet gang.
Source: https://www.bleepingcomputer.com/news/security/qbot-phishing-lures-victims-using-us-election-interference-emails/