Qakbot: The largest botnet has finally come to an end!

cyber security task force incident response

Share the blog with others

πŸ”₯ Qakbot defeated: The largest botnet has finally come to an end! πŸ”₯

Over 700,000 infected computers, 40 global ransomware attacks, and 58 million dollars in damages – that is the tally from Qakbot. But now there is good news: Operation 'Duck Hunt' led by the FBI and in collaboration with international partners such as Europol and Bundeskriminalamt has taken control of the Qakbot infrastructure and successfully removed the malware.

πŸ” Here are some exciting facts:

- Qakbot facilitated access to ransomware gangs like Conti, ProLock, Egregor, and REvil.
- The victims range from financial institutions on the East Coast to a medical device manufacturer on the West Coast.
- An impressive 9 million dollars in cryptocurrency has been seized and refunded to the victims.

πŸ”’ What can you do?
If you are concerned that your device might be infected, there are two websites where you can check your email address: 'Have I Been Pwned' and the website of the Dutch National Police.

A huge thank you to all the analysts and law enforcement agencies who were involved in this groundbreaking operation. Here’s to a calmer future! πŸ™

P.S.: Don’t forget to share the post and the great news so that more people can learn about this success!

🚨 Update: Qakbot returns! 🚨

Despite the successful operation 'Duck Hunt' and the international efforts to defeat Qakbot, recent developments show that the malware authors have adjusted their tactics and unleashed Qakbot once again. Security experts report a wave of new activities indicating that Qakbot is back with enhanced capabilities and new defense mechanisms.

Here are some alarming developments:

  • Re-infections: Despite efforts to eradicate Qakbot, new infections are appearing that point to a revised version of the malware. This version seems more resistant to previous defenses.


  • Advanced tactics: Qakbot is now employing more sophisticated phishing campaigns and using advanced techniques to evade detection. The malware spreads faster and targets a wider range of victims.


  • Global threat: The new wave of Qakbot attacks is not confined to individual regions but is a global phenomenon affecting businesses, authorities, and individuals worldwide.


  • Collaboration with other malware families: Reports suggest that Qakbot is forming partnerships with other ransomware groups once again, making the threat even more layered and dangerous.


πŸ”’ What can you do now? It is more important than ever to stay vigilant and take preventive measures. Regularly update your security software, be skeptical of unknown emails and attachments, and stay informed about the latest security threats. Regularly check if your systems and networks are being scanned for anomalies or unauthorized access.


The return of Qakbot is a serious reminder that cyber threats are constantly evolving and that the fight against malware is an ongoing process. Stay safe and informed!


#Cybersecurity #Qakbot #FBI #Europol #Ransomware #InfoSec #bka #cybersecurity #bundeskriminalamt

Curious for more? Contact us now!