How the FBI took down the Qakbot botnet

In an impressive global operation known as “Operation Duck Hunt,” the FBI and its international partners successfully dismantled the notorious Qakbot botnet, considered the largest U.S.-led disruption of a botnet infrastructure to date. Qakbot is a banking trojan that allowed other hackers to access victims’ networks and deliver their own malware, including ransomware. Over the past 18 months, Qakbot has facilitated more than 40 ransomware attacks, resulting in $58 million in ransom payments. The operation involved redirecting the botnet’s network traffic to servers under the control of the U.S. government, allowing the FBI to take control and remove the Qakbot malware from infected devices. In addition, the operation resulted in the seizure of over $8.6 million in cryptocurrency from the cybercriminal organization behind Qakbot, which will be returned to victims. This successful operation adds to the FBI’s track record in taking down major cyber threats, including disrupting Chinese and Russian botnets in recent years.

https://techcrunch.com/2023/09/01/fbi-qakbot-takedown-operation-duck-hunt/

To top