International law authorities – including the United Kingdom and United States – has closed a cyber-crime site that hit 700,000 computers world-wide.
Organized gangs used Qakbot malware to infiltrate systems to steal financial details and log-in details.
In the last two years victims have paid a “ransom” of more than €54 million to the cyber-criminals.
Servers infected with Qakbot were found in 30 countries in Europe, South and North America, Asia, and Africa.
More than €8 million was seized in crypto currencies.
Cybercriminals used this persistent malware [Qakbot] to commit ransomware, fraud, and other cyber-enabled crimes.
Qakbot has been running since 2007.
It infiltrated victims’ computers through spam emails containing malicious attachments or hyperlinks.
Once installed on the targeted computer, the malware allowed for infections with next-stage payloads such as ransomware.
Additionally, the infected computer became part of a botnet (a network of compromised computers) controlled simultaneously by the cybercriminals, usually without the knowledge of the victims.
A Europol spokesperson said:
“Several ransomware groups used Qakbot to carry out many attacks on critical infrastructure and businesses. T
“The administrators of the botnet provided these groups with access to the infected networks for a fee.
“The investigation suggests that between October 2021 and April 2023, the administrators have received fees corresponding to €54 million in ransoms paid by the victims.”
