By Giovanni Legorano
ROME (AA) - A US-led international operation took down the infrastructure of the malware and botnet known as Qakbot, a EU justice agency said Wednesday.
US authorities seized around $8.6 million in cryptocurrency after the malware infected more than 700,000 computers, facilitated the delivery of ransomware and caused hundreds of millions of dollars in damage worldwide.
The victims included businesses, health care providers and government agencies all over the world where the malware has caused “significant harm.”
“This is one of the largest financial and technical disruptions of a botnet infrastructure leveraged by cybercriminals to commit ransomware, financial fraud and other cyber-enabled criminal activity,” said Eurojust.
A criminal network controlled Qakbot, which is also known as Qbot and Pinkslipbot, among others, according to the investigation.
Once Qakbot infected a computer, normally through spam email messages containing malicious attachments or hyperlinks, it can deliver additional malware, such as ransomware.
“The victim computers infected with Qakbot malware are part of a botnet – a network of compromised computers – that allows infected computers to be controlled remotely in a coordinated manner,” said Eurojust.
Owners and operators of victim computers are normally unaware of the infection. The administrators of Qakbot offered cybercriminals access to the botnet for a fee.
The UK, France, Germany, Netherlands, Latvia and Romania also took part in the operation, with the help of Eurojust and Europol.