Are DarkGate and PikaBot the new QakBot?
ID: 4c357814-7b69-5fb8-948f-e8b62488d6d3
STIX ID: report--4c357814-7b69-5fb8-948f-e8b62488d6d3
Feed Name: Cofense Blog
Cofense Intelligence reports an active, evolving phishing campaign (beginning in September) that disseminates DarkGate and PikaBot via hijacked email threads and sophisticated delivery chains (JS droppers, Excel-DNA, VBS, LNK). The campaign uses evasive URLs that limit access by location/browser and employs anti-analysis and sandbox-evasion techniques. The malware it delivers functions as a loader capable of delivering additional payloads, which increases the risk of reconnaissance tools, cryptocurrency miners, and ransomware. The activity shows strong TTP overlap with QakBot-affiliated campaigns.
