by Carly Page at Tech Crunch
A U.S. government operation has dismantled the infrastructure of the notorious Qakbot malware, which officials say caused “hundreds of millions” of dollars of damage worldwide.
In an announcement on Tuesday, the FBI said that it had successfully “disrupted and dismantled” the Qakbot malware, and had identified more than 700,000 infected computers worldwide — including more than 200,000 in the United States.
The Department of Justice also announced the seizure of more than $8.6 million in cryptocurrency from the Qakbot cybercriminal organization, which will now be made available to victims.
The operation, which was carried out in partnership with law enforcement agencies in France, Germany, the Netherlands, Romania, Latvia, and the United Kingdom, is described as the largest U.S.-led financial and technical disruption of a botnet infrastructure leveraged by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.
To dismantle the botnet, the FBI gained lawful access to Qakbot’s infrastructure and redirected Qakbot traffic to FBI-controlled servers, which instructed infected computers to download an uninstaller file. This uninstaller was created by law enforcement to untether the victims’ computers from the Qakbot botnet, preventing further installation of malware through Qakbot.
During this operation, named “Operation Duck Hunt,”…Continue Reading