FBI-Led Global Effort Takes Down Massive Qakbot Botnet
A multinational action called Operation “Duck Hunt” — led by the FBI, the Department of Justice, the National Cybersecurity Alliance, Europol, and crime officials in France, Germany, the Netherlands, Romania, Latvia and the U.K. — was able to gain access to the Qakbot network and shut down the malicious botnet, which has affected 700,000 computers worldwide.
Over the course of its more than 15-year campaign, Qakbot (aka Qbot and Pinkslipbot) has launched some 40 worldwide ransomware attacks focused on companies, governments and healthcare operations. The DOJ noted that over just the past year and a half, Qakbot has caused nearly $58 million in damages. As part of the action against Qakbot, the DOJ seized approximately $8.6 million in cryptocurrency in illicit profits.
The DOJ said it received technical assistance from Zscaler and that the FBI partnered with the Cybersecurity and Infrastructure Security Agency, Shadowserver, Microsoft Digital Crimes Unit, the National Cyber-Forensics and Training Alliance, and Have I Been Pwned to aid in victim notification and remediation.