Mahesh

02/09/23 06:22 AM IST

FBI’s Duck Hunt operation takes down Qakbot

In News
  • The Federal Bureau of Investigation, the US government’s domestic intelligence and security agency, announced it successfully dismantled the notorious Qakbot botnet and removed the malware from 7,00,000 machines worldwide.
About Qakbot
  • The Qakbot malware was created in 2008 and has been used in several ransomware attacks and cybercrimes around the world.
  • It is often distributed via spam emails that contain malicious links and attachments in the form of Word or Excel documents with macros, OneNote files or Windows shortcuts.
  • Opening these files activates Qakbot, which then downloads additional malware on the infected machine, including some ransomware.
  • When installed, Qakbot also harvests the victim’s email address for use in upcoming phishing campaigns.
  • The computer also automatically becomes part of the botnet, a network of infected machines that can be remotely controlled by its operators.
  • It is able to evade detection by security software by injecting itself into the memory of a legitimate Windows process.
  • QakBot facilitated the spread of major ransomware families like Conti, ProLock, and REvil.
  • Its administrators reportedly received fees totaling around $58 million in ransoms paid by victims between October 2021 and April 2023.
Operation Duck Hunt
  • Operation Duck Hunt is a coordinated international effort involving law enforcement agencies from the U.S., France, Germany, Latvia, Romania, the Netherlands, and the U.K.
  • The operation aims to dismantle the QakBot malware network, a notorious Windows malware family responsible for global compromises, financial fraud, and ransomware distribution.
  • This joint effort highlights the collaboration between countries to combat cybercriminal activities and disrupt their infrastructure.
  • The operation led to the neutralization of the QakBot botnet traffic by redirecting it to servers controlled by law enforcement agencies.
  • Compromised endpoints were instructed to download an uninstaller file that detached the machines from the botnet, preventing the delivery of additional payloads.
Source: Indian Express
