NEW YORK (AFP): US justice officials said Tuesday they had shut down a notorious global cyber network called Qakbot that was used by criminals to extort tens of millions of dollars from thousands of businesses around the world.
Known as a botnet, Qakbot was a 15-year-old malware network that gained backdoor access to private computers and IT systems worldwide.
The operators would then rent that access to criminal groups to undertake their own attacks, typically seizing or freezing data from a target’s systems and demanding ransoms to free it up, sometimes in the millions of dollars.
Qakbot was “one of the most notorious and pernicious botnets in the world,” said US Attorney Martin Estrada.
He said the investigation showed Qakbot had infected more than 700,000 victim computers, which could then be controlled to an extent by the botnet’s administrators.
It made Qakbot “the botnet of choice for cybergangs throughout the world,” said Estrada.
Just in the past 18 months, he said, victims have incurred $58 million in losses.
In an operation dubbed “Duck Hunt” that involved law enforcement in France, Germany, Netherlands, Romania and Latvia, authorities seized 52 servers supporting Qakbot operations and $8.6 million in cryptocurrencies.
Estrada declined to identify who was behind the Qakbot network or say if any arrests had been made, stressing that the investigation was ongoing.
In a statement on the same case, the French Justice Ministry said authorities had identified some 170 servers globally that backed the network, six of them in France, and 26,000 computers there that had been infected by Qakbot.
