Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions.

Qbot (also known as Qakbot, Pinkslipbot, and Quakbot) is a banking trojan with worm features [123] used to steal banking credentials and financial data, as well as to log user keystrokes, deploy backdoors, and drop additional malware on compromised machines.

Among the banks whose customers have been targeted in this Qbot campaign, the researchers found JP Morgan, Citibank, Bank of America, Citizens, Capital One, Wells Fargo, and FirstMerit Bank.