Following the takedown of Qakbot by international authorities, we dig deeper into this ubiquitous malware, and provide tips on how to stay safe in the aftermath.

When the U.S. Department of Justice (DoJ) and the FBI launched their joint takedown of Qakbot, one of the longest-running malware families and botnets, it sent ripples through worldwide law enforcement and cybercrime communities. The big question is: Will it stick?

Code-named Operation Duck Hunt, the coordinated international operation allowed authorities to seize control of Qakbot’s online infrastructure. The task force then obtained court orders to remotely remove the malware from infected devices, which at the time numbered some 700,000 machines globally, including 200,000 computers in the U.S.

The multinational operation involved actions in the U.S., France, Germany, the Netherlands, the UK, Romania, and Latvia, to disrupt the botnet. The DoJ also announced the seizure of more than $8.6 million in illicit cryptocurrency profit.

“This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada, the U.S. attorney for the Southern District of California, at a press conference in Los Angeles.

Qakbot has been implicated in 40 ransomware attacks over the last 18 months, which have collectively cost victims more than $58 million in losses. The BlackBerry Research and Intelligence team identified Qakbot as one of the Trojans most frequently used against healthcare organizations in Q4 2022, but other sectors also suffered from Qakbot attacks. In fact, “Nearly every sector of the economy has been victimized by Qakbot,” said Estrada.

While Operation Duck Hunt set new milestones in the law enforcement targeting of widespread cyberthreats, cybersecurity experts caution that any setback dealt to cybercrime actors would most likely be temporary.

No arrests were made in conjunction with the takedown, and authorities did not disclose where the malware operators are thought to be located - although Russia has been implicated. The investigation is currently described as “ongoing.”

In this blog, let’s take a closer look at Qakbot, including new information on an unusual global campaign observed in the week prior to the high-profile takedown.

Meet Qakbot: a Modern Malware Shapeshifter

Following its first appearance in 2007, Qakbot became one of the most prevalent long-term cyber threats in modern history, dominating the threat landscape over the last decade and a half.

Also known as Qbot, Quakbot, and Pinkslipbot, the malware is modular in nature, enabling cyber criminals to configure it to their specific needs.