A multinational cyber sting has seen the infamous Qakbot malware dismantled.
Qakbot is a banking Trojan, first discovered in 2008, designed to steal sensitive information through a number of means, including remote access, keystroke tracking, and more.
Computers infected with Qakbot join a botnet, a network of compromised devices that threat actors can control remotely without the device owners knowing.
Qakbot was distributed through compromised links in phishing emails which, once clicked, would install it alongside other malware.
The FBI, along with international security agencies in the US, France, Germany, the Netherlands, Romania, Latvia, and the UK, launched a major cyber takedown on Qakbot, dismantling the botnet.
“The FBI neutralised this far-reaching criminal supply chain, cutting it off at the knees,” said Christopher Wray, FBI Director.
“The victims ranged from financial institutions on the east coast to a critical infrastructure government contractor in the Midwest to a medical device manufacturer on the west coast.”
Law enforcement seized over US$8.6 million in illegal profits and detected over 700,000 infected devices.
“Cyber criminals who rely on malware like Qakbot to steal private data from innocent victims have been reminded today that they do not operate outside the bounds of the law,” Attorney General Merrick B Garland said.
“Together with our international partners, the Justice Department has hacked Qakbot’s infrastructure, launched an aggressive campaign to uninstall the malware from victim computers in the United States and around the world, and seized $8.6 million in extorted funds.”
The malware was used by a number of major cyber criminal organisations. According to information provided to Cyber Security Connect by Secureworks, the GOLD LAGOON threat group has earned approximately US$58 million in profits through the use of the malware.
“Qakbot was the botnet of choice for some of the most infamous ransomware gangs, but we have now taken it out,” said US Attorney Martin Estrada for the Central District of California.
The FBI said it was able to disrupt the botnet’s activities by redirecting Qakbot traffic to FBI-controlled servers, which then instructed infected devices to download a file that uninstalled the malware.
“All of this was made possible by the dedicated work of FBI Los Angeles, our cyber division at FBI Headquarters, and our partners, both here at home and overseas,” added Wray.
“The cyber threat facing our nation is growing more dangerous and complex every day. But our success proves that our own network and our own capabilities are more powerful.”