FBI Takes Down International Ransomware Network

(ConservativeJournal.org) – On Tuesday, August 29, US authorities revealed that they had successfully destroyed a network responsible for infecting hundreds of thousands of computers with the notorious malware called “Qakbot”. The malware paved the way for cyberattacks, causing huge financial losses worldwide.

The FBI considers the operation a remarkable achievement in thwarting a botnet infrastructure employed by cybercriminals to execute various forms of cybercrime, including ransomware attacks and financial fraud.

First identified in 2008, Qakbot has consistently utilized malicious hyperlinks or attachments in spam email messages to infiltrate victims’ computers. The compromised machines would then unknowingly become a component of the network.

This botnet facilitated the operations of prominent ransomware groups, including Conti and REvil. Their targets encompassed various organizations such as hospitals, schools, and local government bodies. These groups typically held sensitive data hostage, demanding ransom payments for its release. Among the victims were an Illinois-based engineering company, an Alabama financial firm, and a California food company.

The administrators of Qakbot apparently received around $58 million in ransom payments from victims between October 2021 and April 2023. The Justice Department noted that over 700,000 victims have been identified, of which 200,000 are located in the United States.

The FBI orchestrated the deactivation of Qakbot by inducing computers contaminated with the malware to propagate and download a specially created file. This file instructed the affected computers to uninstall the malware and sever their connections with the botnet.

Senior officials from the FBI and the Justice Department, who opted to remain anonymous, offered insights into the operation. However, they declined to comment on the potential national affiliations of the Qakbot network. No arrests have been reported, and the ongoing investigation seeks to identify those responsible for creating the network.

In addition to disabling the network, authorities seized approximately $8.7 million in stolen cryptocurrency, which they directly associated with Qakbot’s activities. These funds will be given back to the victims.

