US and partners have taken down notorious 'Qakbot' hacking network
On Tuesday, U.S. officials announced the dismantling of the infamous "Qakbot" malware platform through a collaborative international law enforcement effort. This platform had been widely utilized by cybercriminals for a range of financial illicit activities.
Initially detected over ten years ago, Qakbot typically propagated through deceptive emails containing malicious attachments, which were distributed to individuals who were unaware of the threats they posed.
The U.S. Department of Justice disclosed that this operation, codenamed "Duck Hunt," was executed in conjunction with the participation of various entities, including the Federal Bureau of Investigation and the law enforcement agencies of France, Germany, the Netherlands, Britain, Romania, and Latvia.
According to U.S. attorney Martin Estrada, the action taken against Qakbot represents the largest and most impactful technological and financial operation ever spearheaded by the department against a botnet.
Cybersecurity experts posit that Qakbot likely has its origins in Russia and has carried out assaults on various organizations across the globe, spanning from Germany to Argentina.
Estrada indicated that the Qakbot malware had managed to compromise over 700,000 computers belonging to victims. This allowed for the deployment of ransomware and resulted in several hundred million dollars' worth of harm inflicted upon businesses, healthcare institutions, and governmental bodies.
As a component of the operation, law enforcement agencies confiscated a total of 52 servers situated both within the United States and overseas.
With the intention of dismantling the cybercrime network, the FBI undertook the strategy of rerouting Qakbot's internet traffic to servers under their control. This approach effectively uninstalled the associated malware from the compromised computers.
In executing this tactic, the FBI assured that they eradicated malicious files from individual systems without accessing or gathering any personal information.