The Bumblebee malware has reappeared in a new phishing campaign targeting U.S. organizations, using voicemail-themed lures with OneDrive URLs to deliver malicious Word documents. The documents use VBA macros to execute PowerShell commands and download the Bumblebee loader, which is associated with delivering ransomware. Additionally, new variants of QakBot, ZLoader, and PikaBot have surfaced, with QakBot employing stronger encryption and virtual machine detection. This resurgence underscores the ongoing threat posed by sophisticated malware and the need for robust cybersecurity measures.
The U.S. government, along with international partners, has successfully dismantled the QakBot malware network, a notorious cyber threat that has been active since 2008. QakBot, initially a banking trojan, evolved into a favored tool for cybercrime groups to launch ransomware attacks. The operation, named "Duck Hunt," involved seizing control of the botnet's servers and cutting ties with infected systems. The malware was linked to 40 ransomware attacks, resulting in $58 million in losses. Over 700,000 machines were infected, with more than 200,000 in the U.S. The operation also confiscated $9.5 million in cryptocurrency from the masterminds behind QakBot.
The FBI, in collaboration with international partners, successfully dismantled the Qakbot botnet, known for facilitating ransomware attacks and generating $58 million in ransom payments. The operation, named "Operation Duck Hunt," involved redirecting the botnet's network traffic to servers under the control of the U.S. government, allowing the FBI to take control of the botnet. The FBI used the botnet to distribute an uninstaller that removed Qakbot malware from infected machines, preventing further installation of malware. The operation also resulted in the seizure of over $8.6 million in cryptocurrency from the Qakbot cybercriminal organization.
The FBI, in collaboration with international partners, has successfully disrupted a long-running cybercriminal botnet named Qakbot, which had infected over 700,000 computers worldwide. The malware turned victim computers into a coordinated network, allowing the perpetrators remote control. The operation involved hacking Qakbot's infrastructure, uninstalling the malware from victim computers, and seizing $8.6 million in extorted funds. This success highlights the FBI's capabilities in targeting cybercriminal organizations and making the American people safer.
The FBI conducted a covert operation to wipe malicious programs from over 700,000 computers worldwide, aiming to disrupt a major cybercrime ecosystem. The operation targeted Qakbot, a versatile tool used by cybercriminals to gain unauthorized access to victims' computers. The FBI obtained a court warrant to hack into Qakbot's central infrastructure and instructed the infected computers to stop listening to the malicious program. While the operation likely fixed most infected computers, victims will not be notified. The FBI shared hacked individuals' information with Have I Been Pwned, which added 6.4 million email accounts tied to Qakbot to its database. The takedown involved international cooperation, but details on arrests or government involvement were not disclosed. Experts believe the operation may not significantly reduce cyberattacks, as hackers have alternative methods to breach systems.
The FBI, along with European law enforcement agencies, has dismantled a global network of hacked computers that were being used in a major fraud scheme, resulting in the seizure of over $8 million in cryptocurrency. The operation targeted a hacking tool called Qakbot, which had been causing significant harm to health care providers and government agencies worldwide. Around 200,000 computers were infected in the US, and 700,000 globally. This takedown is part of the FBI's increased efforts to target popular hacking tools and disrupt cybercriminals' activities. While the hackers can rebuild their infrastructure, the FBI hopes it will take them a significant amount of time.
The FBI, in collaboration with international partners, has successfully disrupted and dismantled the Qakbot malware and botnet in one of the largest-ever U.S.-led enforcement actions against a botnet. The operation, conducted in multiple countries, targeted a criminal supply chain responsible for ransomware attacks, financial fraud, and other cybercrimes. The Qakbot malware infected computers through spam emails, allowing cybercriminals to remotely control compromised computers. The FBI gained access to Qakbot's infrastructure, identified over 700,000 infected computers worldwide, and redirected traffic to Bureau-controlled servers to remove the malware and prevent further infections.
The Justice Department, in collaboration with international partners, has disrupted the Qakbot botnet and taken down its infrastructure, marking the largest U.S.-led financial and technical disruption of a botnet used for cybercriminal activities. The Qakbot malware, also known as Qbot or Pinkslipbot, primarily infects victim computers through spam emails and has been used by various ransomware groups to extort victims. The operation resulted in the deletion of the Qakbot code from infected computers and the seizure of over $8.6 million in cryptocurrency. The FBI gained access to the Qakbot infrastructure, identified over 700,000 infected computers worldwide, and redirected botnet traffic to uninstall the malware.