U.S. authorities seize millions from infamous hacking network.

Law Enforcement⁢ Operation Dismantles ⁢Notorious Qakbot Malware ⁢Platform

In a⁤ major multinational effort, U.S. authorities have successfully taken⁤ down the infamous “Qakbot” ‌botnet malware ‍platform. This ⁣platform, controlled by cybercriminals, has⁤ been⁤ responsible for carrying out criminal financial activities on a ⁢massive scale.

The U.S. Department of Justice revealed​ that Qakbot malware has infected over 700,000 ‌victim computers, causing‍ extensive damage to businesses, healthcare​ providers,⁣ and government agencies worldwide. Ransomware deployments ⁢and financial losses in the hundreds of millions of dollars have ⁤been attributed to ⁤this malicious⁢ software.

The⁣ operation, known as “Operation⁢ Duck Hunt,” involved law enforcement agencies⁢ from ⁣the U.S., France, Germany, the Netherlands, Romania, Latvia, and the United ‍Kingdom. ⁢It​ marks ⁢one of the​ largest disruptions of a botnet infrastructure used by cybercriminals ⁤for ransomware ⁤attacks, financial fraud, ‌and other cyber-enabled criminal activities.

FBI‍ Director Christopher Wray stated, “The FBI neutralized this far-reaching ⁣criminal supply chain, cutting it ‌off at the knees. The victims ranged from financial⁣ institutions on the East Coast to a critical infrastructure government contractor in the Midwest to ⁤a medical device manufacturer on the West ⁣Coast.”

The FBI successfully dismantled the botnet ​by gaining⁣ lawful⁤ access​ to its infrastructure and redirecting ​the traffic to their own servers. From there, infected computers were instructed to ⁤download an uninstaller file created by ⁣law enforcement. ‌This action​ untethered the victims from⁢ the botnet ⁤and prevented further‌ malware⁣ infections from Qakbot.

During the operation,⁣ authorities ⁣recovered more ⁢than 6.5 million victims’ email addresses ⁢and password ⁣credentials, with millions more still being identified. Additionally, 52‌ servers ​were seized, effectively dismantling the Qakbot system.

Qakbot malware, also known as “Qbot” and “Pinkslipbot,” has been active since 2008.‍ It primarily​ infects victim ⁣computers through spam emails containing malicious⁤ hyperlinks.⁣ Once a user interacts ⁤with the email’s content, the​ platform delivers malware or‌ ransomware, unknowingly incorporating the⁣ victim’s computer into the Qakbot-controlled botnet network.

Security researchers ​believe that the hacking network ​behind Qakbot originated ⁤in ‌Russia.

CLICK HERE TO GET THE DAILYWIRE+ APP

In⁤ the United States, Qakbot ransomware infected more than 200,000 computers belonging to ⁣critical infrastructure industries. These included a power ‍engineering‌ firm in Illinois, financial services organizations in Alabama, Kansas, and Maryland, a defense manufacturer in Maryland, and a⁤ food distribution ‍company in Southern California.

Between October 2021 ⁢and April 2023, the administrators⁣ of the Qakbot platform received approximately $58 million in ransoms from victims. However, these​ attacks resulted ⁢in millions of dollars in losses for individuals and ⁣businesses worldwide.

Authorities have ‌also seized over $8.6 million in cryptocurrency, representing illicit profits from Qakbot activities. They are currently working to remove the malicious code from victims’ computers.

U.S. Attorney Martin Estrada ​emphasized the significance of this operation, stating, “Qakbot was the botnet‌ of choice ​for some of the most infamous ransomware gangs, but we have now taken it out. This operation ⁢also has led to the seizure of⁣ almost ⁣9 million dollars in cryptocurrency from the ‌Qakbot cybercriminal ‌organization, which will now be made available to ⁣victims. My Office’s focus⁣ is ​on protecting and vindicating the rights of victims, ⁤and this multifaceted attack on‌ computer-enabled crime demonstrates‌ our commitment to safeguarding our‍ nation ​from harm.”

The⁢ U.S. State‍ Department’s Rewards⁢ for Justice program is offering a ⁢reward of up to $10 million for information leading⁣ to the⁤ identification of the⁤ Qakbot operator.

*As an Amazon Associate I earn from qualifying purchases