FBI and DOJ Announce Takedown of Major Cyberthreat

One of the most extensive U.S.-led disruptions of a cybercriminal infrastructure
H. Michael Burgett
Contributing Writer

In a recent announcement, the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ) claimed success in an international collaboration to take down the infrastructure for the malware and botnet known as Qakbot. This operation, which unfolded across multiple nations including the U.S., France, Germany, the Netherlands, Romania, Latvia, and the United Kingdom, represents a major stride in countering cyber threats.

It stands as one of the most extensive U.S.-led disruptions of a cybercriminal infrastructure that has been instrumental in ransomware attacks, financial fraud, and various other cyber-enabled criminal activities.

A Decade of Cyber Attacks

FBI Director Christopher Wray underscored the profound impact of this operation, stating, “The FBI neutralized this far-reaching criminal supply chain, cutting it off at the knees.” The range of victims affected by the Qakbot malware sheds light on the pervasive reach of this threat, encompassing financial institutions on the East Coast, a critical infrastructure government contractor in the Midwest, and even a medical device manufacturer on the West Coast.

Qakbot malware spread primarily through malicious attachments or links embedded in spam emails. When a recipient interacted with one of these, Qakbot infected the computer and facilitated the delivery of additional malware, including ransomware. Infected computers were then integrated into a botnet, giving cybercriminals remote control over them. Alarmingly, victims were often unaware that their systems had been compromised.

Since its inception in 2008, the Qakbot malware has been a linchpin in various cybercrimes, causing financial losses reaching hundreds of millions of dollars for individuals and businesses on a global scale. FBI Director Wray highlighted that this botnet gave cybercriminals a robust command-and-control structure, marshaling hundreds of thousands of compromised computers to execute attacks spanning the globe.

Dismantling A Criminal Enterprise

The operation’s success rested on the FBI’s lawful access to Qakbot’s infrastructure. Over 700,000 infected computers were identified worldwide, with more than 200,000 located within the United States. To dismantle the botnet’s functionality, the FBI rerouted Qakbot’s traffic to servers under its control. This prompted infected computers to download an uninstaller file crafted to remove the Qakbot malware. The uninstaller severed the link between compromised computers and the botnet, preventing the installation of further malware.

Director Wray acknowledged the orchestrated efforts that made this achievement possible. He attributed the success to the unwavering dedication of multiple teams within the FBI, in tandem with collaborative partnerships both domestically and internationally.

The Wrap

The collaborative endeavor orchestrated by the Federal Bureau of Investigation (FBI), in conjunction with the Department of Justice and international partners, signifies a notable advancement in tackling cyber vulnerabilities. This operation serves as a testament to the collective strength of nations working together to combat cyber threats that transcend borders. However, the journey to bolster cybersecurity remains ongoing.
