Qakbot: The largest botnet has finally come to an end!

cyber security task force incident response

Share the blog with others

πŸ”₯ Qakbot defeated: The largest botnet has finally come to an end! πŸ”₯

Over 700,000 infected computers, 40 global ransomware attacks and 58 million dollars in damage - that's the balance sheet of Qakbot. But now there is good news: Operation 'Duck Hunt', led by the FBI and in cooperation with international partners such as Europol and the Federal Criminal Police Office, has taken control of the Qakbot infrastructure and successfully removed the malware.

πŸ” Here are some exciting facts:

- Qakbot provided access to ransomware gangs such as Conti, ProLock, Egregor and REvil.
- Victims range from financial institutions on the East Coast to a medical device manufacturer on the West Coast.
- An impressive $9 million in cryptocurrency was seized and returned to the victims.

πŸ”’ What can you do?
If you are concerned that your device may have been infected, there are two websites where you can check your email address: 'Have I Been Pwned' and the Dutch National Police website.

A huge thank you to all the analysts and law enforcement agencies involved in this groundbreaking operation. Here's to a calmer future! πŸ™

P.S.: Don't forget to share the post and the great news so more people can learn about this success!

🚨 Update: Qakbot returns! 🚨

Despite the successful Operation Duck Hunt and international efforts to defeat Qakbot, recent developments show that malware authors have adapted their tactics and put Qakbot back in the race. Security experts are reporting a wave of new activity indicating that Qakbot is back with enhanced capabilities and new defenses.

Here are some alarming developments:

  • New infections: Despite efforts to eradicate Qakbot, new infections are appearing, indicating a revised version of the malware. This version appears to be more resistant to previous defenses.


  • Advanced tactics: Qakbot now relies on more sophisticated phishing campaigns and uses advanced techniques to avoid detection. The malware spreads faster and targets a wider range of victims.


  • Global threat: The new wave of Qakbot attacks is not limited to individual regions, but is a global phenomenon that affects companies, authorities and private individuals worldwide.


  • Collaboration with other malware families: Reports suggest that Qakbot is once again partnering with other ransomware groups, making the threat even more complex and dangerous.


πŸ”’ What can you do now? It's more important than ever to stay vigilant and take preventative measures. Update your security software regularly, be skeptical of unknown emails and attachments and keep up to date with the latest security threats. Regularly check whether your systems and networks are being scanned for anomalies or unauthorized access.


The return of Qakbot is a stern reminder that cyberthreats are constantly evolving and that the fight against malware is an ongoing process. Stay safe and stay informed!


#Cybersecurity #Qakbot #FBI #Europol #Ransomware #InfoSec #bka #cybersecurity #federal criminal police office

Curious to find out more? Contact us now!