Mahesh

02/09/23 06:22 AM IST

FBI’s Duck Hunt operation takes down Qakbot

In News
  • The Federal Bureau of Investigation, the US government’s domestic intelligence and security agency, announced it successfully dismantled the notorious Qakbot botnet and removed the malware from 7,00,000 machines worldwide.
About Qakbot
  • The Qakbot malware was created in 2008 and has been used in several ransomware attacks and cybercrimes around the world.
  • It is often distributed via spam emails that contain malicious links and attachments in the form of Word or Excel documents with macros, OneNote files or Windows shortcuts.
  • Opening these files activates Qakbot, which then downloads additional malware on the infected machine, including some ransomware.
  • Once installed, Qakbot also searches the victim’s email for use in upcoming phishing campaigns.
  • The computer also automatically becomes part of the botnet, a network of infected machines that its operators can control remotely.
  • It is able to evade detection by security software by injecting itself into the memory of a legitimate Windows process.
  • QakBot facilitated the spread of major ransomware families like Conti, ProLock, and REvil.
  • Its administrators reportedly received fees totaling around $58 million in ransoms paid by victims between October 2021 and April 2023.
Operation Duck Hunt
  • Operation Duck Hunt is a coordinated international effort involving law enforcement agencies from the U.S., France, Germany, Latvia, Romania, the Netherlands, and the U.K.
  • The operation aims to dismantle the QakBot malware network, a notorious Windows malware family responsible for global compromises, financial fraud, and ransomware distribution.
  • This joint effort highlights the collaboration between countries to combat cybercriminal activities and disrupt their infrastructure.
  • The operation led to the neutralization of the QakBot botnet traffic by redirecting it to servers controlled by law enforcement agencies.
  • Compromised endpoints were instructed to download an uninstaller file that detached the machines from the botnet, preventing the delivery of additional payloads.
Source: Indian Express
