Qakbot (aka QBot, Pinkslipbot) is a sophisticated banking Trojan malware that can spread through various methods. Once installed on a system, Qakbot can collect:-
The FBI, along with the Justice Department, led a multinational operation to dismantle the complete infrastructure of the Qakbot malware and botnet on August 29.
In this joint operation, ransomware and cybercriminal activities were actively targeted across seven countries that we have mentioned below:-
Besides this, the director of the FBI, Christopher Wray, stated:-
“This botnet was actually one of the longest-lasting ones we’ve seen, and its reach spanned across the entire world. Previously, threat actors utilized this botnet to launch ransomware attacks and steal personal data.”
Prominent ransomware groups, including Conti and ProLock, utilized this botnet, resulting in significant losses for businesses. In addition, the operation led to the seizure of millions in cryptocurrency.
Previously, the ransomware actors leveraged this botnet for a 4.9 million dollar ransom from a publishing company. Threat actors have furthermore exploited it to steal terabytes of medical data from a healthcare provider.
The FBI Director Christopher Wray confirmed the neutralization of an expansive criminal chain, affecting the following sectors across the US:-
Qakbot malware was born in 2008, and since then, in the U.S. and globally, it has caused hundreds of millions of dollars in losses through ransomware and cybercrime.
In the operation, the FBI legally accessed Qakbot’s infrastructure and discovered:-
In an effort to stop the botnet from spreading by distributing an uninstaller that would liberate infected devices from the virus and stop new malware from being installed, the FBI diverted the Qakbot traffic to control servers.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on…
Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure (OCI)…
A critical security vulnerability has been discovered in Netwrix Password Secure, a widely used enterprise…
Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in…
The Foundation for Defense of Democracies (FDD) and cybersecurity firm TeamT5 has exposed an intricate…
A sophisticated social engineering campaign that leverages the viral power of TikTok to distribute dangerous…