Wednesday, May 21, 2025
Follow us On Linkedin
Homecyber securityDismantling Qakbot Botnet - FBI's Largest Cyber Operation Ever

Dismantling Qakbot Botnet – FBI’s Largest Cyber Operation Ever

cyber securityCyber Security News

Published on

By Tushar Subhra
Dismantling Qakbot Botnet – FBI’s Largest Cyber Operation Ever

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Qakbot (aka QBot, Pinkslipbot) is a sophisticated banking Trojan malware that can spread through various methods. Once installed on a system, Qakbot can collect:-

  • Login credentials.
  • Intercept online banking transactions.
  • Gain remote control over the infected computer.

The FBI, along with the Justice Department, led a multinational operation to dismantle the complete infrastructure of the Qakbot malware and botnet on August 29.

In this joint operation, ransomware and cybercriminal activities were actively targeted across seven countries that we have mentioned below:-

- Advertisement - Google News
  • The U.S.
  • France
  • Germany
  • The Netherlands
  • Romania
  • Latvia
  • The United Kingdom

Besides this, the director of the FBI, Christopher Wray, stated:-

“This botnet was actually one of the longest-lasting ones we’ve seen, and its reach spanned across the entire world. Previously, threat actors utilized this botnet to launch ransomware attacks and steal personal data.”

Prominent ransomware groups, including Conti and ProLock, utilized this botnet, resulting in significant losses for businesses. In addition, the operation led to the seizure of millions in cryptocurrency.

Previously, the ransomware actors leveraged this botnet for a 4.9 million dollar ransom from a publishing company. Threat actors have furthermore exploited it to steal terabytes of medical data from a healthcare provider.

Dismantling Qakbot Botnet

The FBI Director Christopher Wray confirmed the neutralization of an expansive criminal chain, affecting the following sectors across the US:-

  • Financial institutions
  • Infrastructure,
  • Medical device maker
  • Government contractors

Qakbot malware was born in 2008, and since then, in the U.S. and globally, it has caused hundreds of millions of dollars in losses through ransomware and cybercrime.

In the operation, the FBI legally accessed Qakbot’s infrastructure and discovered:-

  • 700,000 global infected devices
  • 200,000 in the U.S. (Among the 700,000 global infected devices)

In an effort to stop the botnet from spreading by distributing an uninstaller that would liberate infected devices from the virus and stop new malware from being installed, the FBI diverted the Qakbot traffic to control servers.

Keep informed about the latest Cyber Security News by following us on Google NewsLinkedinTwitter, and Facebook.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

cyber security

Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data

A new research report released today by Progressive International, Expose Accenture, and the Movement...
APT

Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced...
cyber security

More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads

The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as...
cyber security

RedisRaider Campaign Targets Linux Servers by Exploiting Misconfigured Redis Instances

Datadog Security Research has uncovered a formidable new cryptojacking campaign dubbed "RedisRaider," specifically targeting...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

cyber security

Accenture Files Leak – New Research Reveals Projects Controlling Billions of User Data

A new research report released today by Progressive International, Expose Accenture, and the Movement...
APT

Kimsuky APT Group Deploys PowerShell Payloads to Deliver XWorm RAT

Cybersecurity researchers have uncovered a sophisticated malware campaign orchestrated by the notorious Kimsuky Advanced...
cyber security

More_Eggs Malware Uses Job Application Emails to Distribute Malicious Payloads

The More_Eggs malware, operated by the financially motivated Venom Spider group (also known as...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved