The FBI Just Took Down a Massive Malware That Infected 700,000 Computers





The Federal Bureau of Investigations and its European partners took down a global malware network that’s been using a malicious software agent to commit numerous cybercrimes for the last 15 years, according to a release from the Department of Justice.

The operation also saw the seizure of over $8.6 million in illicit cryptocurrency profits, and authorities are remotely deleting the Qakbot malware botnet from thousands of infected computers. US Attorney General Martin Estrada’s office plans to make the seized cryptocurrency funds to Qakbot victims.

Estrada said Qakbot — also known as Qbot and Pinkslipbot is one of the most notorious botnets, or network of compromised computers, ever and a favorite amongst infamous ransomware gangs. The malware could infect computers through spam email messages with malicious attachments or links. Once infected, Qakbot would deliver more malware and ransomware to the compromised computers, often time without the victims’ knowledge. Cyber criminals could then easily extort victims — often businesses, healthcare providers and government agencies — for money in exchange for access to their computers. Between October 2021 and April 2023, the investigators estimate victims paid about $58 million to Qakbot administrators.

“The Operation ‘Duck Hunt’ Team utilized their expertise in science and technology, but also relied on their ingenuity and passion to identify and cripple Qakbot, a highly structured and multi-layered bot network that was literally feeding the global cybercrime supply chain,” Donald Alway, the assistant director in charge of the FBI’s Los Angeles Field Office, said in a statement.

Operation Duck Hunt discovered just how far-reaching the network was, identifying over 700,000 infected computers worldwide — more than 200,000 in the US alone. Because the malware was part of a botnet, bad actors could remotely control all the infected computers.

While the action against Qakbot will prevent numerous cyberattacks in the public and private sector, cybercrime is like battling a Hydra — as soon as you cut off one head, another head — or two or three — will take its place. The DOJ said the operation only removed Qakbot malware, meaning if other malware was already installed, it’s still there.

There are steps you can take to protect yourself like changing your passwords often, researching an app before downloading it and learning how to spot phishing messages. Google is also testing a Safety Check tool that can alert you when a malicious extension is detected on your Chrome browser.

Disclaimer: To address the growing use of ad blockers we now use affiliate links to sites like, streaming services, and others. Affiliate links help sites like Cord Cutters News, stay open. Affiliate links cost you nothing but help me support my family. We do not allow paid reviews on this site. As an Amazon Associate I earn from qualifying purchases.

Subscribe to Our Newsletter

* indicates required

Please select all the ways you would like to hear from :

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp’s privacy practices here.