How the FBI Took Down the Qakbot Malware

Last week, the FBI announced that it dismantled the Qakbot (also referred to as Qbot) multinational cyber hacking and ransomware operation, which affected 700,000 computers worldwide, including financial institutions, government contractors and medical device manufacturers.

Qakbot infected victims via spam emails with malicious attachments and links, and served as a platform for ransomware operators. Once infected, the victim's computer became part of Qakbot's larger botnet operation, infecting even more victims.

Check Point Research (CPR) published its available data on QBot's attack methods in 2020.

Check Point's Mid-Year Security Report for 2023 provides additional details about Qakbot, such as:

  • Qakbot is the most frequently detected malware, with 11% of corporate networks worldwide affected in 1H23.
  • Qakbot is a multi-purpose malware that resembles a Swiss Army knife. It allows cybercriminals to directly steal data (credentials for financial accounts, payment cards, etc.) from computers, while also serving as an initial access platform for infecting victims' networks with malware and ransomware.
  • Qakbot is primarily distributed via phishing emails and is highly adaptable and flexible, allowing it to bypass security measures. It uses file types such as OneNote, PDF, HTML, ZIP, LNK and more to infect machines.

So far in 2023, 45% of ransomware attacks were against US-based organizations. Manufacturing, retail and software were the industries that were the biggest targets for ransomware.

Sergey Shykevich, Threat Manager at Check Point Research, said:

We have been monitoring Qakbot for some time and this takedown operation is an important step in stopping a major cyber crime operation.

We applaud the FBI and its partners and we will continue to monitor the long-term impact with cybercriminals. It remains to be seen whether it was a complete takedown or whether the operators will return – and we urge everyone to continue their phishing awareness campaigns, to stay up to date on security patches and to leverage appropriate anti-ransomware solutions.

Written by newsbot
