FBI makes a massive botnet infecting more than 700,000 computers uninstall itself

The US authorities simply helped dismantle a massive community of computers contaminated with one of many world’s most infamous items of malware. According to the FBI, a multinational effort led by the US took down Qakbot, a malware that made its method into over 700,000 computers across the globe.

Hackers usually goal victims with Qakbot by sending them spam emails containing malicious attachments or hyperlinks. As quickly as a sufferer downloads the attachment or clicks the hyperlink, Qakbot infects their laptop, which then turns into a part of a botnet — or a community of contaminated computers managed remotely by hackers. From there, dangerous actors can set up further malware on their victims’ gadgets, akin to ransomware.

To take down the community, the FBI routed Qakbot via FBI-controlled servers, the place it instructed contaminated computers within the US and elsewhere to obtain software program that uninstalled the Qakbot malware. The installer additionally separated contaminated computers from the botnet, “preventing further installation of malware through Qakbot.” As famous by the DOJ, the motion was solely restricted to the malware put in by Qakbot actors and “did not extend to remediating other malware already installed on the victim computers.”

In addition to the US, Operation “Duck Hunt” additionally concerned Europol, France, Germany, the Netherlands, the UK, Romania, and Latvia. The US says the botnet was answerable for a whole bunch of tens of millions of {dollars} in damages and contaminated more than 200,000 computers within the US. Qakbot has been round since 2008 and was leveraged by a number of prolific ransomware teams previously, together with Conti, REvil, MegaCortex, and more. As a part of the operation, the DOJ seized $8.6 million price of extorted funds in crypto.

“An international partnership led by the Justice Department and the FBI has resulted in the dismantling of Qakbot, one of the most notorious botnets ever, responsible for massive losses to victims around the world,” US Attorney Martin Estrada says in a assertion. “Qakbot was the botnet of choice for some of the most infamous ransomware gangs, but we have now taken it out.”

The FBI has since offered Have I Been Pwned with the compromised credentials it discovered throughout the operation, permitting you to enter your e-mail on the location to test for those who had been affected. The Dutch National Police has additionally added affected credentials to its Check Your Hack website.