The U.S. government, in collaboration with international partners, has successfully dismantled the notorious QakBot malware network. This malware has plagued businesses and agencies for years, and the combined operation not only shut it down but also recovered millions in lost funds.
QakBot, active in the cyber underworld since 2008, began as a banking trojan. Over time, it evolved into a preferred tool for cybercrime groups, which used it to prepare compromised networks for ransomware attacks. The malware typically spread through deceptive emails containing malicious links, attachments, or embedded images. Once activated, QakBot would infiltrate systems and communicate with its command-and-control servers to gather valuable information such as credentials and banking details. This data could then be stolen or used to launch further attacks.
The crackdown, named “Operation Duck Hunt,” was described by Martin Estrada, U.S. attorney for the Southern District of California, as the “most significant” operation against a botnet by the Department of Justice. In the past 18 months, QakBot was linked to 40 ransomware attacks, causing losses of around $58 million. The operation involved the DOJ and FBI seizing control of the malware’s servers and instructing infected systems to disconnect from QakBot.
In the last year, QakBot infiltrated over 700,000 machines, with more than 200,000 located in the U.S. The operation’s international efforts resulted in the seizure of over 50 internet servers across seven countries and the confiscation of approximately $9.5 million in cryptocurrency.
While “Duck Hunt” has significantly impacted QakBot’s operations, individuals are urged to remain vigilant, using robust antivirus software, strong passwords, and 2-factor authentication.
Source: CyberGuy
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net), or you can try it yourself using check.website.