Qakbot malware
US Leads International Operation to Stop Botnet Infrastructure
The Department of Justice and the FBI led a multinational operation on Tuesday to disrupt Qakbot, a malware and botnet infrastructure used to commit ransomware, financial fraud and other cybercrimes.
The FBI said it flagged 700,000 infected computers worldwide, including over 200,000 in the United States.
The operation saw Qakbot traffic redirected to servers that instructed infected computers to download an uninstaller that removes the malware and prevents the insertion of additional malicious programs.
Qakbot infected computers through spam emails with malicious content and links. Devices with the malware became part of a network of compromised computers that could be controlled remotely without users’ knowledge.
FBI Director Christopher Wray said the action neutralized the “far-reaching criminal supply chain.” He noted that its victims included U.S. financial institutions, a critical infrastructure government contractor and a medical device manufacturer.
Malicious actors have used Qakbot to perpetrate ransomware attacks and other cybercrime worldwide since 2008, the FBI said.
Previously, Qakbot was identified by the Cybersecurity and Infrastructure Security Agency and the Australian Cyber Security Centre as one of the top malware strains in 2021.
Category: Cybersecurity