The FBI said as part of the international cyber takedown it gained lawful access to Qakbot’s infrastructure and identified more than 700,000 infected computers worldwide, including more than 200,000 in the US.
Using command-and-control infrastructure to carry out attacks globally, Qakbot enabled the most prolific ransomware groups to cause losses in the hundreds of millions, said FBI Director Christopher Wray.
The FBI’s national headquarters and Los Angeles field office, supported by a network of international partners, were able to infiltrate servers and redirect traffic to their own servers, and then uninstall the malware, he said.
“This is the first time we’ve deployed this innovative technique, severing thousands of computers from the botnet and restoring control back to the victims,” said Wray in a video posted with the announcement.
Numerous cybercriminal groups have used the Qakbot infrastructure to attack organizations, including financial institutions, critical infrastructure contractors and a medical device manufacturer on the West Coast, reports Healthcare IT News. Read more.
