www.fbi.gov
Open in
urlscan Pro
2606:4700::6810:95f4
Public Scan
URL:
https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown
Submission: On September 01 via manual from CO — Scanned from DE
Submission: On September 01 via manual from CO — Scanned from DE
Form analysis 2 forms found in the DOM
https://www.fbi.gov/@@search
<form class="navbar-form navbar-left" role="search" action="https://www.fbi.gov/@@search">
<label for="fbi-search" class="visually-hidden">Search FBI</label>
<input type="search" id="fbi-search" name="SearchableText" placeholder="Search FBI">
<button type="submit">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="18" height="18" aria-labelledby="title" role="img">
<title>Submit Search</title>
<style type="text/css">
.search-icon {
fill: #333333;
}
</style>
<path class="search-icon"
d="M 15.632,13.874259 12.336,10.581757 C 13.12,9.4309801 13.52,8.1523387 13.52,6.7458332 13.552,5.8507843 13.376,4.9877014 13.008,4.1246185 12.64,3.2615355 12.16,2.5422998 11.568,1.9509282 10.96,1.3755395 10.24,0.89604904 9.392,0.51245664 8.528,0.16083027 7.664,-0.01498292 6.784,0.0010001 5.888,0.03296613 5.024,0.22476233 4.16,0.54442267 3.296,0.86408301 2.56,1.3435735 1.984,1.9828942 1.408,2.6222149 0.928,3.3414506 0.56,4.1565845 0.192,4.9557353 0,5.8348013 0,6.7618162 c 0,0.927015 0.192,1.8060809 0.528,2.6371978 0.336,0.831117 0.816,1.550353 1.424,2.157707 0.608,0.607355 1.344,1.086845 2.176,1.438472 0.848,0.351626 1.728,0.527439 2.64,0.527439 1.408,0 2.672,-0.383592 3.824,-1.182743 l 3.312,3.292502 C 14.144,15.872136 14.416,16 14.768,16 15.104,16 15.392,15.872136 15.632,15.632391 15.872,15.392645 16,15.104951 16,14.769308 15.984,14.401698 15.872,14.114004 15.632,13.874259 Z M 9.808,9.7985894 C 8.992,10.59774 7.984,11.013299 6.784,11.061248 5.552,11.093214 4.544,10.677655 3.728,9.7985894 2.912,8.9195235 2.496,7.9125935 2.448,6.7458332 2.432,5.595056 2.848,4.5881259 3.712,3.725043 4.576,2.8619601 5.6,2.4304187 6.768,2.4464017 c 1.168,0.015983 2.176,0.4475245 3.024,1.2786413 0.848,0.8311169 1.28,1.838047 1.28,3.0207902 -0.048,1.2466753 -0.448,2.2536054 -1.264,3.0527562 z"
alt="Submit Search"></path>
</svg>
</button>
</form>https://www.fbi.gov/@@search
<form class="navbar-form navbar-left" role="search" action="https://www.fbi.gov/@@search">
<label for="mobile-fbi-search" class="visually-hidden">Search FBI</label>
<input type="search" id="mobile-fbi-search" name="SearchableText" placeholder="Search FBI">
<button type="submit">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 16 16" width="18" height="18" aria-labelledby="title" role="img">
<title id="title">Submit Search</title>
<style type="text/css">
.mobilesearch-icon {
fill: #a9a9a9;
}
</style>
<path class="mobilesearch-icon"
d="M 15.632,13.874259 12.336,10.581757 C 13.12,9.4309801 13.52,8.1523387 13.52,6.7458332 13.552,5.8507843 13.376,4.9877014 13.008,4.1246185 12.64,3.2615355 12.16,2.5422998 11.568,1.9509282 10.96,1.3755395 10.24,0.89604904 9.392,0.51245664 8.528,0.16083027 7.664,-0.01498292 6.784,0.0010001 5.888,0.03296613 5.024,0.22476233 4.16,0.54442267 3.296,0.86408301 2.56,1.3435735 1.984,1.9828942 1.408,2.6222149 0.928,3.3414506 0.56,4.1565845 0.192,4.9557353 0,5.8348013 0,6.7618162 c 0,0.927015 0.192,1.8060809 0.528,2.6371978 0.336,0.831117 0.816,1.550353 1.424,2.157707 0.608,0.607355 1.344,1.086845 2.176,1.438472 0.848,0.351626 1.728,0.527439 2.64,0.527439 1.408,0 2.672,-0.383592 3.824,-1.182743 l 3.312,3.292502 C 14.144,15.872136 14.416,16 14.768,16 15.104,16 15.392,15.872136 15.632,15.632391 15.872,15.392645 16,15.104951 16,14.769308 15.984,14.401698 15.872,14.114004 15.632,13.874259 Z M 9.808,9.7985894 C 8.992,10.59774 7.984,11.013299 6.784,11.061248 5.552,11.093214 4.544,10.677655 3.728,9.7985894 2.912,8.9195235 2.496,7.9125935 2.448,6.7458332 2.432,5.595056 2.848,4.5881259 3.712,3.725043 4.576,2.8619601 5.6,2.4304187 6.768,2.4464017 c 1.168,0.015983 2.176,0.4475245 3.024,1.2786413 0.848,0.8311169 1.28,1.838047 1.28,3.0207902 -0.048,1.2466753 -0.448,2.2536054 -1.264,3.0527562 z"
alt="Submit Search"></path>
</svg>
</button>
</form>Text Content
An official website of the United States government. Here's how you know
OFFICIAL WEBSITES USE .GOV
A .gov website belongs to an official government organization in the United
States.
SECURE .GOV WEBSITES USE HTTPS
A lock () or https:// means you've safely connected to the .gov website. Share
sensitive information only on official, secure websites.
Submit Search Search
FBI
More
* Most Wanted
* News
* What We Investigate
* How We Can Help You
* Submit a Tip
* About
* Contact Us
1. Home
2. News
3. Stories
* Facebook Icon
* Email Icon
* Twitter Icon
* Youtube Icon
* Flickr Icon
* LinkedIn Icon
* Instagram Icon
* Search FBI Submit Search
FBIFederal Bureau of Investigation
FBI, PARTNERS DISMANTLE QAKBOT INFRASTRUCTURE IN MULTINATIONAL CYBER TAKEDOWN
News
* Stories
* News Blog
* Videos
* Podcasts
* Press Releases
* Speeches
* Testimony
* Photos
* Apps
*
August 29, 2023
Share on Twitter Twitter Share on Facebook Facebook Email Email
FBI, PARTNERS DISMANTLE QAKBOT INFRASTRUCTURE IN MULTINATIONAL CYBER TAKEDOWN
Operation marks one of the largest-ever U.S.-led enforcement actions against a
botnet
FBI Director Christopher Way announces a major operation targeting the Qakbot
botnet.
Transcript / Visit Video Source
--------------------------------------------------------------------------------
On August 29, the FBI and the Justice Department announced a multinational
operation to disrupt and dismantle the malware and botnet known as Qakbot.
The action, which took place in the U.S., France, Germany, the Netherlands,
Romania, Latvia, and the United Kingdom, represents one of the largest U.S.-led
disruptions of a botnet infrastructure used by cybercriminals to commit
ransomware, financial fraud, and other cyber-enabled criminal activity.
"The FBI neutralized this far-reaching criminal supply chain, cutting it off at
the knees," said FBI Director Christopher Wray. "The victims ranged from
financial institutions on the East Coast to a critical infrastructure government
contractor in the Midwest to a medical device manufacturer on the West Coast."
--------------------------------------------------------------------------------
> “THE FBI NEUTRALIZED THIS FAR-REACHING CRIMINAL SUPPLY CHAIN, CUTTING IT OFF
> AT THE KNEES.”
>
> FBI DIRECTOR CHRISTOPHER WRAY
How the Malware Worked
The Qakbot malware infected victim computers primarily through spam emails that
contained malicious attachments or links.
After a user downloaded or clicked the content, Qakbot delivered additional
malware—including ransomware—to their computer. The computer also became part of
a botnet (a network of compromised computers) and could be controlled remotely
by botnet users. All the while, a Qakbot victim was typically unaware that their
computer had been infected.
Since its creation in 2008, Qakbot malware has been used in ransomware attacks
and other cybercrimes that caused hundreds of millions of dollars in losses to
individuals and businesses in the U.S. and abroad.
"This botnet provided cybercriminals like these with a command-and-control
infrastructure consisting of hundreds of thousands of computers used to carry
out attacks against individuals and businesses all around the globe," Wray
said.
Disrupting the Duck
As part of the operation, the FBI gained lawful access
to Qakbot’s infrastructure and identified over 700,000 infected computers
worldwide—including more than 200,000 in the U.S.
To disrupt the botnet, the FBI redirected Qakbot traffic
to Bureau-controlled servers that instructed infected computers to download an
uninstaller file. This uninstaller—created to remove
the Qakbot malware—untethered infected computers from the botnet and
prevented the installation of any additional malware.
"All of this was made possible by the dedicated work of FBI Los Angeles, our
Cyber Division at FBI Headquarters, and our partners, both here at home and
overseas," said Wray. "The cyber threat facing our nation is growing more
dangerous and complex every day. But our success proves that our own network and
our own capabilities are more powerful."
--------------------------------------------------------------------------------
Resources:
* Qakbot Malware Disrupted in International Cyber Takedown
Next
Outreach and Mentorship: Cliff’s Crew Visits the FBI
Cliff's Crew—a group of youth mentored by retired NFL Seattle Seahawks player
Cliff Avril—visited the FBI Headquarters in Washington, D.C., where they toured
the FBI Experience and met with Associate Deputy Director Brian Turner.
* Most Wanted
* Ten Most Wanted
* Fugitives
* Terrorism
* Kidnappings / Missing Persons
* Seeking Information
* Bank Robbers
* ECAP
* ViCAP
* FBI Jobs
* Submit a Tip
* Crime Statistics
* History
* FOIPA
* Scams & Safety
* FBI Kids
* FBI Tour
* News
* Stories
* Videos
* Press Releases
* Speeches
* Testimony
* Podcasts and Radio
* Photos
* Español
* Apps
* How We Can Help You
* Law Enforcement
* Victims
* Parents and Caregivers
* Students
* Businesses
* Safety Resources
* Need an FBI Service or More Information?
* What We Investigate
* Terrorism
* Counterintelligence
* Cyber Crime
* Public Corruption
* Civil Rights
* Organized Crime
* White-Collar Crime
* Violent Crime
* WMD
* About
* Mission & Priorities
* Leadership & Structure
* Partnerships
* Community Outreach
* FAQs
* Contact Us
* Field Offices
* FBI Headquarters
* Overseas Offices
* Additional Resources
* Accessibility
* eRulemaking
* Freedom of Information / Privacy Act
* Legal Notices
* Legal Policies & Disclaimers
* Privacy Policy
* USA.gov
* White House
* No FEAR Act
* Equal Opportunity
FBI
FEDERAL BUREAU OF INVESTIGATION
*
*
*
*
*
*
FBI.GOV CONTACT CENTER
EMAIL UPDATES
* * Accessibility
* eRulemaking
* Freedom of Information / Privacy Act
* Legal Notices
* Legal Policies & Disclaimers
* * Privacy Policy
* USA.gov
* White House
* No FEAR Act
* Equal Opportunity
FBI.gov is an official site of the U.S. Department of Justice ©
Search FBI Submit Search
* Home
* Most Wanted
* News
* Stories
* News Blog
* Videos
* Podcasts
* Press Releases
* Speeches
* Testimony
* Photos
* Apps
*
* What We Investigate
* How We Investigate
* How We Can Help You
* Submit a Tip
* About
* Contact Us
* Crime Statistics
* Photos
* Video
* Outreach
* History
* FOIA
* Scams & Safety
* FBI Kids
* FBI Jobs
emailStay Connected Get FBI email alerts Subscribe No Thanks ×