FBI agents, as part of an international operation, dismantled the Qakbot botnet, which had infected more than 700,000 computers worldwide. According to Минюст США.
In recent years, Qakbot has been actively used by ransomware groups, including Conti, ProLock, Egregor, REvil, MegaCortex and Black Basta.
According to investigators, from October 2021 to April 2023, Qakbot administrators received about $58 million in ransoms paid by victims. Law enforcement seized more than $8.6 million in bitcoins.
Initially the malware reached victims’ computers via phishing email campaigns. Subsequently, operators used it to deploy ransomware.
The FBI gained access to Qakbot’s infrastructure and took the botnet offline.
As reported in May, the U.S. Department of Justice announced the dismantling of an international network of computers infected with the Snake P2P botnet and involved in espionage on behalf of Russia. According to the agency, the malware was spread by the hacking group Turla, linked to the FSB.