US dismantles Qakbot malware in international cyberattack

Since its creation in 2008, the Qakbot malware has been used for ransomware attacks and other cybercrime that resulted in hundreds of millions of dollars in losses to individuals and businesses in the US and abroad. The malware infected victims' computers primarily through spam emails containing malicious attachments or links.

On 29 August, the FBI and the Department of Justice announced a multinational operation known as Duck Hunt to disrupt and dismantle the notorious Qakbot platform.

The action, which took place in the US, France, Germany, the Netherlands, Romania, Latvia and the UK, represents one of the largest US-led disruptions. The infrastructure, consisting of a botnet, was used by cybercriminals to commit a variety of crimes, including ransomware attacks and financial fraud.

The FBI identified more than 700,000 infected computers worldwide, of which more than 200,000 are in the US.