In a blog post, the security agency described how it instructed infected computers in the US and elsewhere to download software that uninstalled the Qakbot malware. The installer also isolated infected computers from the botnet, “preventing further installation of malware via Qakbot.”
The US Department of Justice (DOJ) also noted that the action was limited only to malware installed by Qakbot hackers and “did not extend to fixing other malware already installed on victim computers.”
How did this malware affect users?
Hackers target victims by sending them spam emails containing attachments or links that carry this malware. When a victim clicks a link or downloads an attachment, Qakbot infects their computer. The system then becomes part of a botnet, which is a network of infected computers that are controlled remotely by hackers. After this, cybercriminals can install any malware, such as ransomware, on their victims’ devices.
Operation Duck Hunt
Apart from the American operation, Europol and other security agencies from countries like France, Germany, the Netherlands, the UK, Romania and Latvia were also involved in the cybersecurity mission, called Operation Duck Hunt, targeting the same malware. As part of the latest operation, the DOJ seized $8.6 million worth of extorted funds in crypto.
The report said the botnet was responsible for millions of dollars in losses and infected more than 200,000 computers in the US. Qakbot has been around since 2008 and has been used by several ransomware groups. These include Conti, REvil, MegaCortex and more.
In a statement, US Attorney Martin Estrada said: “An international partnership led by the Justice Department and the FBI has dismantled Qakbot, one of the most notorious botnets ever, responsible for massive losses to victims worldwide. Qakbot was the botnet of choice for some of the most notorious ransomware gangs, but we have now removed it.”
The Have I Been Pwned website is showing compromised credentials found by the FBI during the operation. The site allows users to enter their email to check if they have been affected. The Dutch National Police has also added the affected credentials they discovered to their Check Your Hack site.