Mahesh

02/09/23 06:22 AM IST

FBI’s Duck Hunt operation takes down Qakbot

In News
  • The Federal Bureau of Investigation, the US government’s domestic intelligence and security agency, announced that it had successfully dismantled the notorious Qakbot botnet and removed the malware from 7,00,000 machines worldwide.
About Qakbot
  • The Qakbot malware was created in 2008 and has been used in several ransomware attacks and cybercrimes around the world.
  • It is often distributed via spam emails that contain malicious links and attachments in the form of Word or Excel documents with macros, OneNote files or Windows shortcuts.
  • Opening these files activates Qakbot, which then downloads additional malware on the infected machine, including some ransomware.
  • Once installed, Qakbot also harvests the victim’s email addresses for use in upcoming phishing campaigns.
  • The computer also automatically becomes part of the botnet, a network of infected machines that can be remotely controlled by its operators.
  • It is able to evade detection by security software by injecting itself into the memory of a legitimate Windows process.
  • QakBot facilitated the spread of major ransomware families like Conti, ProLock, and REvil.
  • Its administrators reportedly received fees totaling around $58 million in ransoms paid by victims between October 2021 and April 2023.
Operation Duck Hunt
  • Operation Duck Hunt is a coordinated international effort involving law enforcement agencies from the U.S., France, Germany, Latvia, Romania, the Netherlands, and the U.K.
  • The operation aims to dismantle the QakBot malware network, a notorious Windows malware family responsible for global compromises, financial fraud, and ransomware distribution.
  • This joint effort highlights the collaboration between countries to combat cybercriminal activities and disrupt their infrastructure.
  • The operation led to the neutralization of the QakBot botnet traffic by redirecting it to servers controlled by law enforcement agencies.
  • Compromised endpoints were instructed to download an uninstaller file that detached the machines from the botnet, preventing the delivery of additional payloads.
Source: Indian Express
