Mahesh

02/09/23 06:22 AM IST

FBI’s Duck Hunt operation takes down Qakbot

In News
  • The Federal Bureau of Investigation, the US government’s domestic intelligence and security agency, announced it successfully dismantled the notorious Qakbot botnet and removed the malware from 7,00,000 machines worldwide.
About Qakbot
  • The Qakbot malware was created in 2008 and has been used in several ransomware attacks and cybercrimes around the world.
  • It is often distributed via spam emails that contain malicious links and attachments in the form of Word or Excel documents with macros, OneNote files or Windows shortcuts.
  • Opening these files activates Qakbot, which then downloads additional malware on the infected machine, including some ransomware.
  • Once installed, Qakbot also searches the victim’s email account for material to use in upcoming phishing campaigns.
  • The computer also automatically becomes part of the botnet, a network of infected machines that can be remotely controlled by the botnet’s operators.
  • It is able to evade detection by security software by injecting itself into the memory of a legitimate Windows process.
  • QakBot facilitated the spread of major ransomware families like Conti, ProLock, and REvil.
  • Its administrators reportedly received fees totaling around $58 million in ransoms paid by victims between October 2021 and April 2023.
Operation Duck Hunt
  • Operation Duck Hunt is a coordinated international effort involving law enforcement agencies from the U.S., France, Germany, Latvia, Romania, the Netherlands, and the U.K.
  • The operation aims to dismantle the QakBot malware network, a notorious Windows malware family responsible for global compromises, financial fraud, and ransomware distribution.
  • This joint effort highlights the collaboration between countries to combat cybercriminal activities and disrupt their infrastructure.
  • The operation led to the neutralization of the QakBot botnet traffic by redirecting it to servers controlled by law enforcement agencies.
  • Compromised endpoints were instructed to download an uninstaller file that detached the machines from the botnet, preventing the delivery of additional payloads.
Source: Indian Express
