IKEA, the furniture giant from Sweden, has disclosed that its servers were hit by a Qakbot malware that could have compromised its staff and partner accounts to a certain extent. However, as the investigation is still underway, compromise of accounts is yet to be determined.
QuakBot aka QuackBot malware is actually a malicious software that has the potential to steal banking credentials and is existing since the year 2007. It also has the potential to spy on financial operations of its targets and has the potential to install ransomware, in order to maximize earnings to the threat actor spreading the payload.
Slowly and steadily, those spreading malware have developed this malware so much that it can also log keystrokes, induce backdoors and can stay anonymous from being detected by anti-malware solutions.
Staff members of Ikea suspect that the malware payload could have reached the servers through a malicious email.
However, a source reporting to Cybersecurity Insiders reports a company’s staff member could have also helped them to breach the network.
The good thing about the attack is that the company’s security policy already inducts an encryption technique where the card info, addresses, and other sensitive details are not easily accessible.
Note 1- As IKEA is a multi-national company that makes and sells furniture, kitchen appliances and home accessories, the extent of the malware spread on its global business is yet to be known.
Note 2- In January 2021, retail giant Dairy Farm that offers business to Ikea was hit by REvil ransomware.
