San Francisco, Aug 30 (IANS): The Federal Bureau of Investigation (FBI) has disrupted and dismantled the infamous Qakbot malware, and has identified more than 700,000 infected computers worldwide, including more than 200,000 in the US.
The Department of Justice (DoJ) announced a multinational operation involving actions in the US, France, Germany, the Netherlands, the UK, Romania, and Latvia to disrupt the botnet and malware known as Qakbot and take down its infrastructure.
The Qakbot malicious code is being deleted from victim computers, preventing it from doing any more harm. The DoJ also announced the seizure of more than $8.6 million in cryptocurrency in illicit profits.
The action represents the largest financial and technical disruption of a botnet infrastructure leveraged by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.
“Cybercriminals who rely on malware like Qakbot to steal private data from innocent victims have been reminded that they do not operate outside the bounds of the law,” said Attorney General Merrick B. Garland.
“Together with our international partners, the Justice Department has hacked Qakbot’s infrastructure, launched an aggressive campaign to uninstall the malware from victim computers in the United States and around the world, and seized $8.6 million in extorted funds,” he said in a statement late on Tuesday.
This operation also led to the seizure of almost $9 million in cryptocurrency from the Qakbot cybercriminal organisation, which will now be made available to victims.
“The Operation ‘Duck Hunt’ Team utilised their expertise in science and technology, but also relied on their ingenuity and passion to identify and cripple Qakbot, a highly structured and multi-layered bot network that was literally feeding the global cybercrime supply chain,” said Donald Alway, the Assistant Director in Charge of the FBI’s Los Angeles Field Office.
According to court documents, Qakbot is controlled by a cybercriminal organisation and used to target critical industries worldwide.
The Qakbot malware primarily infects victim computers through spam email messages containing malicious attachments or hyperlinks.
These ransomware groups caused significant harm to businesses, healthcare providers, and government agencies all over the world.