The infrastructure of the infamous Qakbot malware has been effectively destroyed by a US government operation, but the worldwide costs are expected to be in the “hundreds of millions” of dollars. Over 700,000 infected machines were found globally as a result of the FBI’s cooperation with foreign law enforcement organizations, including 200,000 in the United States.
Crushing Cybercrime: FBI’s Strike on Qakbot – $8.6M Recovered and Infrastructures Disrupted
Additionally, the Department of Justice confiscated more than $8.6 million in Bitcoin from the Qakbot cybercriminal group; the funds will be used to pay victims. The US-led operation has significantly disrupted the botnet infrastructure that hackers use for crimes like ransomware and financial fraud.
Under the codename “Operation Duck Hunt,” the FBI gained access to Qakbot’s network and redirected the botnet’s traffic to FBI-managed servers. Infected machines were instructed to download a law enforcement-made uninstaller, which cut connections to the Qakbot botnet and stopped further malware infections.
The FBI also recovered stolen credentials from more than 6.5 million individuals as part of the investigation, and overseas partners found even more cases. The government seized 52 servers, guaranteeing the botnet’s complete destruction.
Qakbot has been in use since 2008. It first appeared as a banking trojan and propagated via phishing emails. When activated, it installed further malware on the victim’s machine to create a network of remotely controllable bots. It recently gained popularity among well-known ransomware groups, such as Conti, ProLock, Egregor, and REvil, which resulted in significant ransom payments totalling $58 million over the previous 18 months.
A power engineering company in Illinois, financial services companies in Alabama, Kansas, and Maryland, a defense factory in Maryland, and a food distribution business in Southern California are among the victims of these ransomware gangs.
The US State Department’s Rewards for Justice program is offering rewards of up to $10 million for information that helps identify the Qakbot operators in an effort to promote collaboration.