Operation 'Duck Hunt' Dismantles QakBot, Recovers $9M in Crypto
In an international operation codenamed 'Duck Hunt', authorities have successfully dismantled QakBot, a notorious malware botnet. Led by the U.S. Department of Justice (DOJ) and Federal Bureau of Investigation (FBI), the operation involved seizing control of the botnet's infrastructure and removing the malware from tens of thousands of infected computers worldwide.
QakBot, also known as Qbot or PinkSlip, has been a significant threat in the cybercrime landscape. It was commonly delivered via phishing emails disguised as legitimate documents, and was associated with at least 40 ransomware attacks over the past 18 months, causing over $58 million in losses. The malware was often used as a 'loader', accounting for nearly one-third of all loaders observed in the first half of this year.
During the operation, authorities gained access to an online panel used by cybercriminals to control the botnet. They then obtained a court order to instruct all infected systems to uninstall QakBot and disconnect from the botnet. The DOJ seized more than 50 internet servers tied to the malware network and recovered nearly $9 million in ill-gotten cryptocurrency. Investigators also retrieved more than 6.5 million stolen passwords and other credentials, which were shared with 'Have I Been Pwned' and with a 'Check Your Hack' website set up by the Dutch National Police.
The successful dismantling of QakBot is a significant victory against cybercrime. The operation highlights the importance of international cooperation in combating global threats. It also serves as a reminder for individuals and organizations to remain vigilant against phishing attempts and to keep their antivirus software up to date.