this post was submitted on 30 Aug 2023
128 points (99.2% liked)

Technology

59092 readers
6622 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

FBI operation tricked thousands of computers infected by Qakbot into uninstalling the malware::The U.S. government dismantled the infrastructure of the notorious Qakbot malware, which caused millions of dollars of damage.

top 8 comments
sorted by: hot top controversial new old
[–] RedditWanderer@lemmy.world 39 points 1 year ago (2 children)

Tldr bot cut out the best part:

To dismantle the botnet, the FBI gained lawful access to Qakbot’s infrastructure and redirected Qakbot traffic to FBI-controlled servers, which instructed infected computers to download an uninstaller file. This uninstaller was created by law enforcement to untether the victims’ computers from the Qakbot botnet, preventing further installation of malware through Qakbot.

During this operation, named “Operation Duck Hunt,” the FBI said it recovered the stolen credentials — including email addresses and passwords — of more than 6.5 million victims, adding that its international partners identified “millions more.”

The FBI also announced the seizure of 52 servers, which it said would “permanently dismantle” the botnet.

[–] amp@sh.itjust.works 20 points 1 year ago (1 children)

I'm sure they quitely deleted those stolen credentials afterwards...

[–] RedditWanderer@lemmy.world 15 points 1 year ago

Legally obtained sounds like they subpoena'd someone's password to get in

[–] RetroEvolute@lemmy.world 13 points 1 year ago

Fuck yeah. Nice work FBI. 👌

[–] autotldr@lemmings.world 8 points 1 year ago (1 children)

This is the best summary I could come up with:


A U.S. government operation has dismantled the infrastructure of the notorious Qakbot malware, which officials say caused “hundreds of millions” of dollars of damage worldwide.

In an announcement on Tuesday, the FBI said that it had successfully “disrupted and dismantled” the Qakbot malware, and had identified more than 700,000 infected computers worldwide — including more than 200,000 in the United States.

The Department of Justice also announced the seizure of more than $8.6 million in cryptocurrency from the Qakbot cybercriminal organization, which will now be made available to victims.

The operation, which was carried out in partnership with law enforcement agencies in France, Germany, the Netherlands, Romania, Latvia, and the United Kingdom, is described as the largest U.S.-led financial and technical disruption of a botnet infrastructure leveraged by cybercriminals to commit ransomware, financial fraud, and other cyber-enabled criminal activity.

Qakbot, also known as “QBot” and “QuakBot,” was first detected in 2007, and has in recent years become the botnet of choice for some of the most infamous ransomware gangs, including Conti, ProLock, Egregor, REvil, MegaCortex, and Black Basta.

These ransomware gangs received approximately $58 million in ransom payments between October 2021 and April 2023, according to the FBI, and racked up numerous victims, including healthcare providers and government agencies.


The original article contains 335 words, the summary contains 208 words. Saved 38%. I'm a bot and I'm open source!

[–] burtek@programming.dev 5 points 1 year ago

Sorry bot, but you can't just skip the FBI Operation name on this one...

[–] Uniquitous@lemmy.one 2 points 1 year ago

Good job, Feds!