Global Law Enforcement Disrupts QakBot Malware Network, Seizes Servers and $9M in Cryptocurrency
In a significant global effort, international law enforcement agencies have successfully disrupted the QakBot malware network. Known as 'Duck Hunt', the operation involved seizing control of the botnet's online infrastructure and removing the QakBot malware from tens of thousands of infected Microsoft Windows computers.
QakBot, also known as Qbot and Pinkslipbot, has been a major threat in cyberspace. It started as a banking trojan but evolved into an advanced malware strain, used to prepare networks for ransomware attacks. The U.S. Department of Justice (DOJ) and Federal Bureau of Investigation (FBI) led the operation, working with Germany and the Netherlands to seize over 50 internet servers connected to the malware network.
The scale of the operation was vast. The DOJ accessed the botnet's control panel, revealing that QakBot had infected over 700,000 machines in the past year, including 200,000 in the United States. Law enforcement also seized nearly $9 million in ill-gotten cryptocurrency and obtained court orders to remove QakBot from infected devices and seize servers used to control the botnet.
QakBot has been closely associated with ransomware attacks from Black Basta, a prolific Russian-language criminal group. In the past 18 months, QakBot has been implicated in 40 different ransomware attacks, resulting in more than $58 million in losses. The operation is a significant blow to these cybercrime activities.
The successful disruption of the QakBot malware network is a testament to international cooperation in combating cybercrime. The seizure of internet servers and recovery of ill-gotten funds will hinder the operations of cybercriminal groups, including Black Basta. The operation sends a strong message that such activities will not be tolerated and that law enforcement agencies worldwide are committed to protecting digital spaces.