FBI orders SEIZURES – giant breakup announced!

The FBI in partnership with European authorities has infiltrated and taken down a massive malware network that has been operating for over 15 years, committing online crimes that include ransomware attacks.

Following the raid, the agency “remotely removed the malicious software agent — known as Qakbot — from thousands of infected computers,” according to CBS News.

Despite the impressive dismantling of the network, cybersecurity experts are warning it is only temporary. In other words, they’ll be back.

“Nearly every sector of the economy has been victimized by Qakbot,” Martin Estrada, the US attorney in Los Angeles, remarked as he announced the raid. The criminal network has been behind at least 40 ransomware attacks over the last 18 months. According to investigators, those attacks netted about $58 million.


“Qakbot’s ransomware victims included an Illinois-based engineering firm, financial services organizations in Alabama and Kansas, along with a Maryland defense manufacturer and a Southern California food distribution company, Estrada said,” CBS News noted.

Officials are crowing over $8.6 million in cyber currency being seized or frozen. No arrests have been announced so far.

Estrada gave the standard FBI line that the investigation is ongoing.

“He would not say where administrators of the malware, which could be marshaled into a botnet of zombie computers, were located. Cybersecurity researchers say they are believed to be in Russia and/or other former Soviet states,” CBS News reported.

According to authorities, the so-called malware loader, also known as Pinkslipbot and Qbot, has caused hundreds of millions of dollars in damage since it first appeared on the scene in 2008 as an information-stealing bank trojan. Millions of people have been affected across the globe.

“Typically delivered via phishing email infections, Qakbot gave criminal hackers initial access to violated computers. They could then deploy additional payloads including ransomware, steal sensitive information or gather intelligence on victims to facilitate financial fraud and crimes such as tech support and romance scams,” CBS News noted.

“The Qakbot network was literally feeding the global cybercrime supply chain,” Donald Alway, the assistant director in charge of the FBI’s Los Angeles office, stated, calling it “one of the most devastating cybercriminal tools in history.”

“In the first half of 2023, Qakbot accounted for about 30% of such attacks globally, according to one cybersecurity firm’s study. Such ‘initial access’ tools allow extortionist ransomware gangs to skip the initial step of penetrating computer networks, making them major facilitators for the far-flung mostly Russian-speaking criminals who have wreaked havoc by stealing data and disrupting schools, hospitals, local governments, and businesses worldwide,” CBS News continued.

The operation that took the network down was called “Duck Hunt.” The FBI joined forces with Europol and law enforcement in France, the United Kingdom, Germany, the Netherlands, Romania, and Latvia. Authorities seized over 50 Qakbot servers and identified more than 700,000 infected computers, more than 200,000 of them in the US alone.

CBS News went on to report, “The FBI then used the seized Qakbot infrastructure to remotely dispatch updates that deleted the malware from thousands of infected computers. A senior FBI official, briefing reporters on condition he not be further identified, called that number ‘fluid’ and cautioned that other malware may have remained on machines liberated from Qakbot.”

This is the biggest coup for the FBI against cyber criminals since it took down the Hive ransomware gang in January.

“It is an impressive takedown. Qakbot was the largest botnet” as far as the number of victims goes, Alex Holden, founder of Milwaukee-based Hold Security, noted. “Large botnets today tend to implode as too many threat actors are mining this data for various types of abuse.”

Cybersecurity expert Chester Wisniewski at Sophos believes that while this may temporarily tamp down the number of ransomware attacks occurring, criminals will shift and revive infrastructure elsewhere or move to other botnets.

“This will cause a lot of disruption to some gangs in the short term, but it will do nothing from it being rebooted,” he declared. “Albeit it takes a long time to recruit 700,000 PCs.”
