Topline
The FBI and other European law enforcement agencies have dismantled a global malware network that was used for ransomware attacks, according to an announcement by the Justice Department on Tuesday, after the network caused hundreds of millions of dollars in losses in the U.S. and abroad since 2008.
Key Facts
The FBI and law enforcement agencies from France, Germany, the Netherlands, the U.K., Romania and Latvia identified more than 700,000 computers—including more than 200,000 in the U.S.—that were infected with the malware known as Qakbot, according to the Justice Department.
The agencies seized an unspecified number of infected computers, in addition to $8.6 million in cryptocurrency from hackers that utilized the malware to commit ransomware, financial fraud and “other cyber-enabled criminal activity.”
The FBI said it disrupted the malware’s network by redirecting its traffic to servers controlled by the agency, which instructed infected computers to download a file that would uninstall the malware.
Martin Estrada, U.S. Attorney for the Central District of California, said Tuesday the malware had caused hundreds of millions of dollars in damages to businesses, healthcare providers and government agencies.
FBI Director Christopher Wray said victims of the malware varied by background, but included “financial institutions on the East Coast to a critical infrastructure government contractor in the Midwest to a medical manufacturer on the West Coast.”
A senior FBI official told CNN that the hackers could rebuild the malware’s infrastructure, though it would take “years to put together and it would be difficult and time-consuming” to reestablish “in the same manner that they had before.”
Crucial Quote
“The cyber threat facing our nation is growing more dangerous and complex every day,” Wray said.
Big Number
$58 million. That’s how much hackers received in ransom funds paid by malware victims between October 2021 and April 2023, according to the Justice Department.
Key Background
Qakbot has been widely used by “ransomware gangs” since it was created in 2008, according to the Justice Department. Qakbot—also referred to as “Qbot” or “Pinkslipbot”—is suspected of having origins in Russia, according to Reuters. The malware infects computers through spam emails, which contain attachments or links that will privately install the malware that will connect the computer to a botnet, or a network of compromised computers, that can be controlled remotely. The FBI noted that most victims of the Qakbot malware were typically unaware that their computers had been infected.
Further Reading
U.S. Says It And Partners Have Taken Down Notorious ‘Qakbot’ Hacking Network (Reuters)
FBI Announces It Has Dismantled Global Network Of Hacked Computers Used In Major Fraud Scheme (CNN)
"used" - Google News
August 30, 2023 at 01:03AM
https://ift.tt/rZJ4VCc
FBI Dismantles Global Malware Network Qakbot Used For Ransomware Attacks - Forbes
"used" - Google News
https://ift.tt/jPlaC3q
https://ift.tt/SCKkfQT
Bagikan Berita Ini
0 Response to "FBI Dismantles Global Malware Network Qakbot Used For Ransomware Attacks - Forbes"
Post a Comment