Mahesh

02/09/23 06:22 AM IST

FBI’s Duck Hunt operation takes down Qakbot

In News
  • The Federal Bureau of Investigation, the US government’s domestic intelligence and security agency, announced it successfully dismantled the notorious Qakbot botnet and removed the malware from 7,00,000 machines worldwide.
About Qakbot
  • The Qakbot malware was created in 2008 and has been used in several ransomware attacks and cybercrimes around the world.
  • It is often distributed via spam emails that contain malicious links and attachments in the form of Word or Excel documents with macros, OneNote files or Windows shortcuts.
  • Opening these files activates Qakbot, which then downloads additional malware on the infected machine, including some ransomware.
  • Once installed, Qakbot also searches for the victim’s email addresses to use in upcoming phishing campaigns.
  • The computer also automatically becomes part of the botnet, a network of infected machines that its operators can control remotely.
  • It is able to evade detection by security software by injecting itself into the memory of a legitimate Windows process.
  • QakBot facilitated the spread of major ransomware families like Conti, ProLock, and REvil.
  • Its administrators reportedly received fees totaling around $58 million in ransoms paid by victims between October 2021 and April 2023.
Operation Duck Hunt
  • Operation Duck Hunt is a coordinated international effort involving law enforcement agencies from the U.S., France, Germany, Latvia, Romania, the Netherlands, and the U.K.
  • The operation aims to dismantle the QakBot malware network, a notorious Windows malware family responsible for global compromises, financial fraud, and ransomware distribution.
  • This joint effort highlights the collaboration between countries to combat cybercriminal activities and disrupt their infrastructure.
  • The operation led to the neutralization of the QakBot botnet traffic by redirecting it to servers controlled by law enforcement agencies.
  • Compromised endpoints were instructed to download an uninstaller file that detached the machines from the botnet, preventing the delivery of additional payloads.
Source: Indian Express
