International Qakbot malware network dismantled that affected more than 700,000 computers

In an unprecedented move, the US Department of Justice announced the successful takedown of the infrastructure of an insidious program known as Qakbot. This malicious network, which had left its mark on more than 700,000 computers around the world, has finally been eradicated.

Under the direction of the FBI, international collaboration played a key role in this large-scale operation. Authorities from France, Germany, the Netherlands, the United Kingdom, Romania and Latvia joined forces to end the Qakbot threat.

The nefarious malware, used to steal sensitive data, along with its complex botnet, wreaked hundreds of millions of dollars worth of financial havoc globally.

The scale of this joint action represents the most forceful US-led strike against a botnet, which, until recently, had been used by cybercriminals to carry out ransomware attacks, financial fraud and other cybercrime. The Department of Justice highlighted the importance of this intervention in the fight against digital crime.

Within the framework of this operation, about 8.6 million dollars in cryptocurrencies were seized, profits illegally generated by this malicious operation.

Attorney General Merrick Garland stressed that this operation has sent a clear message to cybercriminals who rely on malware like Qakbot: they are not out of the reach of justice. He explained that the Department of Justice managed to infiltrate Qakbot’s infrastructure, sparking a global campaign to remove the malware from victim machines both in the United States and abroad.

According to documented evidence, Qakbot, also known by aliases such as “Qbot” and “Pinkslipbot”, is controlled by a cybercriminal organization that uses it to attack key industries around the world.

Qakbot’s preferred method of infection is via spam emails that carry malicious attachments or links. Once it infiltrates a system, Qakbot has the ability to download additional malware or even take complete control of the infected machine.

In recent years, Qakbot has served as an entry point for several prolific ransomware groups, including Conti, ProLock, Egregor, REvil, MegaCortex, and Black Basta. These groups have wreaked havoc by extorting business and government organizations through ransomware attacks, demanding payments in Bitcoin in exchange for restoring access to their systems.

The Justice Department’s statement concludes by noting that these ransomware groups have left a detrimental impact on businesses, healthcare providers, and government agencies around the world.

K. Tovar

Source: Bancaynegocios

(Reference image source: Michael Geiger, Unsplash)

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on Twitter and Instagram