FBI Destroys Massive Zombie Network Infecting Over 700000 Computers
FBI Destroys Massive Zombie Network Infecting Over 700000 Computers
FBI Destroys Massive Zombie Network Infecting Over 700000 Computers
The U.S. Government has just assisted in dismantling a large-scale computer network infected with one of the world’s most notorious malware.
According to the Federal Bureau of Investigation (FBI), a multinational operation led by the United States has taken down Qakbot, a malicious software that infiltrated over 700,000 computers worldwide.
Hackers typically targeted Qakbot victims by sending spam emails containing malicious attachments or links. Once victims downloaded the attachments or clicked the links, Qakbot infected their computers, making them part of a zombie network, which is a network of infected computers remotely controlled by hackers. From there, malicious actors could install other malware, such as ransomware, on the victims’ devices.
To dismantle the network, the FBI routed Qakbot through servers controlled by the agency, instructing infected computers in the United States and elsewhere to download software to remove the Qakbot malware.
The installation also severed infected computers from the zombie network, “preventing further installation of malicious software through Qakbot,” as noted by the Department of Justice.
This operation was limited to the malware installed by Qakbot actors and “did not extend to remedying other malicious software already installed on victims’ computers.”
Apart from the United States, the “Operation Duck Hunt” involved the European Union Agency for Law Enforcement Cooperation (Europol) and law enforcement agencies from France, Germany, the Netherlands, the United Kingdom, Romania, and Latvia.
The U.S. stated that the zombie network had caused losses in the hundreds of millions of dollars and infected over 200,000 computers in the United States.
Qakbot first emerged in 2008 and had been utilized by several prolific ransomware groups, including Conti, REvil, MegaCortex, and others.
As part of the operation, the Department of Justice seized cryptocurrency ransom funds worth $8.6 million.
U.S. Attorney Martin Estrada stated in a release, “International cooperation led by the Department of Justice and the FBI has resulted in the takedown of Qakbot, one of the most notorious zombie networks ever, causing significant harm to victims worldwide. Qakbot was a zombie network of choice for some of the most notorious ransomware groups, but we’ve now taken it down.”
The FBI has provided the credentials they discovered during the operation to the Have I Been Pwned website for individuals to check if they have been affected.
The Dutch National Police have also added affected credentials to their “Check Your Hacker” website.
