CyberSecurity news
FlagThis
@www.bleepingcomputer.com
//
The US government has indicted Rustam Rafailevich Gallyamov, a 48-year-old Russian national from Moscow, as the leader of the Qakbot botnet malware conspiracy. Gallyamov, also known as "Cortes" and other aliases, is accused of leading a group of cybercriminals responsible for developing and deploying the Qakbot malware since 2008. This indictment is part of an ongoing multinational effort involving the United States, France, Germany, the Netherlands, Denmark, the United Kingdom, and Canada to combat cybercrime. The Justice Department has also filed a civil forfeiture complaint against Gallyamov, seeking to seize over $24 million in cryptocurrency allegedly obtained through his criminal activities.
According to court documents, Gallyamov used the Qakbot malware to infect over 700,000 computers globally, establishing a vast network or "botnet" of compromised machines. Starting in 2019, this botnet was leveraged to facilitate ransomware attacks against innocent victims worldwide, causing significant financial losses. The FBI and its international partners crippled Gallyamov's bot network in 2023, but he allegedly continued to deploy alternative methods to make his malware available to criminal cyber gangs. The Qakbot malware, also known as Qbot and Pinkslipbot, evolved over time from a banking trojan into a tool used for malware dropping and keystroke logging.
Officials emphasize the commitment to holding cybercriminals accountable and disrupting their activities. "Today’s announcement of the Justice Department’s latest actions to counter the Qakbot malware scheme sends a clear message to the cybercrime community,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. U.S. Attorney Bill Essayli for the Central District of California added, "The criminal charges and forfeiture case announced today are part of an ongoing effort with our domestic and international law enforcement partners to identify, disrupt, and hold accountable cybercriminals." The case demonstrates the FBI’s commitment to relentlessly pursuing individuals who target Americans and demand ransom, even when they reside overseas.
ImgSrc: www.bleepstatic
References :
According to court documents, Gallyamov used the Qakbot malware to infect over 700,000 computers globally, establishing a vast network or "botnet" of compromised machines. Starting in 2019, this botnet was leveraged to facilitate ransomware attacks against innocent victims worldwide, causing significant financial losses. The FBI and its international partners crippled Gallyamov's bot network in 2023, but he allegedly continued to deploy alternative methods to make his malware available to criminal cyber gangs. The Qakbot malware, also known as Qbot and Pinkslipbot, evolved over time from a banking trojan into a tool used for malware dropping and keystroke logging.
Officials emphasize the commitment to holding cybercriminals accountable and disrupting their activities. "Today’s announcement of the Justice Department’s latest actions to counter the Qakbot malware scheme sends a clear message to the cybercrime community,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. U.S. Attorney Bill Essayli for the Central District of California added, "The criminal charges and forfeiture case announced today are part of an ongoing effort with our domestic and international law enforcement partners to identify, disrupt, and hold accountable cybercriminals." The case demonstrates the FBI’s commitment to relentlessly pursuing individuals who target Americans and demand ransom, even when they reside overseas.
ImgSrc: www.bleepstatic
Share:
References :
- bsky.app: Leader of Qakbot Malware Conspiracy Indicted for Involvement in Global Ransomware Scheme
- DataBreaches.Net: Russian national and leader of Qakbot malware conspiracy indicted in long-running global ransomware scheme
- www.bleepingcomputer.com: The U.S. government has indicted Russian national Rustam Rafailevich Gallyamov, the leader of the Qakbot botnet malware operation that compromised over 700,000 computers and enabled ransomware attacks.
- The DefendOps Diaries: The Indictment of Rustam Rafailevich Gallyamov: A Turning Point in Cybercrime Battle
- thecyberexpress.com: The U.S. Justice Department has unsealed an indictment against Rustam Rafailevich Gallyamov, a Russian national accused of running a cybercrime group responsible for one of the most notorious malware threats in recent years:.
- BleepingComputer: US indicts leader of Qakbot botnet linked to ransomware attacks
- The Register - Security: Feds finger Russian 'behind Qakbot malware' that hit 700K computers Agents thought they shut this all down in 2023, but the duck quacked again Uncle Sam on Thursday unsealed criminal charges and a civil forfeiture case against a Russian national accused of leading the cybercrime ring behind Qakbot, the notorious malware that infected hundreds of thousands of computers worldwide and helped fuel ransomware attacks costing victims tens of millions of dollars.
- Tech Monitor: The U.S. Justice Department has indicted Rustam Rafailevich Gallyamov, the alleged leader of the Qakbot botnet malware operation.
- www.justice.gov: Justice Department Announces Leader of Qakbot Malware Conspiracy Indicted for Involvement in Global Ransomware Scheme
- Security Affairs: Leader of Qakbot cybercrime network indicted in U.S. crackdown
- BleepingComputer: The U.S. government has indicted Russian national Rustam Rafailevich Gallyamov, the leader of the Qakbot botnet malware operation that compromised over 700,000 computers and enabled ransomware attacks.
- securityaffairs.com: Leader of Qakbot cybercrime network indicted in U.S. crackdown
- Daily CyberSecurity: Europol and Eurojust have dismantled the digital backbone of several major malware strains used in ransomware operations.
- www.helpnetsecurity.com: DanaBot botnet disrupted, QakBot leader indicted
- ComputerWeekly.com: US makes fresh indictments over DanaBot, Qakbot malwares
Classification:
- HashTags: #Qakbot #Botnet #Cybercrime
- Company: US Department of Justice
- Target: Computer users globally
- Attacker: Rustam Rafailevich Gallyamov
- Product: Qakbot Botnet
- Feature: Botnet Disruption
- Malware: Qakbot
- Type: Malware
- Severity: Major