On August 29, the Justice Department and FBI confirmed to had taken down Qakbot by issuing a search warrant to essentially take over the servers that ran the botnet. The critical malware Qakbot was then forcibly removed from hundreds of computers by the botnet after being distributed to them by federal agents.
In the investigations, the agencies found that Quakbot had access to over 700,000 infected computers, 200,000 of which were based in the US.
Qakbot Botnet
Qakbot, aka Qbot, initially commenced its operations in the year 2008, as a Windows-based Trojan designed to acquire access to targeted users’ bank account credentials. It was conventionally spread as malware attachments in phishing emails.
The malware was also designed to develop a botnet, that would follow the commands of a hacker-controlled server. As a result, the Qakbot developers were able to charge other cybercriminal organizations for access to their hacked systems.
The cybercrime organizations might then unleash ransomware on the affected systems or steal data from them. Qakbot has been connected to a number of ransomware gangs, including Conti, Black Basta, Royal, Revil, and Lockbit, among others, by US authorities and security researchers. The unident
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: