First discovered more than a decade ago, Qakbot is commonly
spread through malicious, boobytrapped emails sent to
unsuspecting victims.
The U.S. Department of Justice said the operation, nicknamed
Duck Hunt, involved the Federal Bureau of Investigation as well
as France, Germany, the Netherlands, Britain, Romania and
Latvia.
U.S. attorney Martin Estrada said the move against Qakbot was
the most significant technological and financial operation ever
led by the department against a botnet. The term botnet is used
to refer to an interconnected network of infected computers that
hackers use to spread viruses.
"Together we have taken down Qakbot and saved countless victims
from future attacks," he told a news conference.
Security researchers say they believe Qakbot originates from
Russia and has attacked organizations around the world, from
Germany to Argentina.
Estrada said Qakbot malware had infected more than 700,000
victim computers, facilitated ransomware deployments, and caused
hundreds of millions of dollars in damage to businesses,
healthcare providers, and government agencies.
As part of the operation, agencies seized 52 servers in the
United States and abroad.
Investigators found evidence that between October 2021 and April
2023, Qakbot administrators received fees corresponding to
approximately $58 million in ransoms paid by victims.
In order to cripple the cybercrime network, the FBI said it had
redirected Qakbot internet traffic to bureau-controlled servers
that effectively uninstalled the corresponding malware from
victim computers.
In doing so, the FBI said it had actively removed malicious
files from private systems while not viewing or collecting any
personal information.
In a statement, FBI Director Christopher Wray said victims
ranged from financial institutions on the East Coast to a
critical infrastructure government contractor in the Midwest to
a medical device manufacturer on the West Coast.
"The FBI neutralized this far-reaching criminal supply chain,
cutting it off at the knees," he said.
(Reporting by Christopher Bing and David Ljunggren; Editing by
Chizu Nomiyama)
[© 2023 Thomson Reuters. All rights
reserved.] Copyright 2022 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|