Qakbot malware foiled: Can lessons be learned?

With the Qakbot malware neutralised, cyber crime of this scale could prompt further scrutiny of global cybersecurity measures to counter threats

The National Crime Agency (NCA) recently announced that it has taken down Qakbot malware, which facilitated ransomware attacks and caused millions of pounds worth of damage worldwide.

Qakbot malware (also known as ‘Qbot’ and ‘Pinkslipbot’) was responsible for infecting more than 700,000 computers globally, including in the UK, via spam emails.

The operation, led by the FBI and the Department of Justice, saw the seizure of Qakbot’s infrastructure in the US and across Europe on 26th August 2023, with the NCA ensuring that UK servers were taken offline. US authorities also seized illicit cryptocurrency profits worth US$8.6m.

The war against cyber crime to prevent malware damage

As reported by Reuters, US attorney Martin Estrada said this move against Qakbot was the most significant technological and financial operation ever led by the Department of Justice against a botnet (interconnected network of infected computers used to spread viruses).

Cyberattacks operating at this scale is a crucial example of the increase in malware targeting and impacting essential systems and business operations. It speaks to the wider concerns about increased threats to digital security systems.

The UK has seen plenty of criminal cyber activity within the past year, including a large-scale attack on the UK electoral register that saw huge swathes of personal data of UK voters compromised.

Qakbot, on the other hand, was a much more long-term global operation that saw the bad actors offer access to it for a fee. It was a go-to service for cyber criminals for at least 16 years, used by criminal groups behind ransomware strains Conti, ProLock, Egregor, REvil, MegaCortex, and Black Basta, to steal personal data, including banking credentials, from victims.

It was revealed that between October 2021 and April 2023, Qakbot administrators received approximately US$58m in ransoms paid by victims.

Crucial investment into cybersecurity services to prevent further damage

Will Lyne, Head of Cyber Intelligence at the NCA, said: “This investigation has taken out a prolific malware that caused significant damage to victims in the UK and around the world.

“Qakbot was a key enabler within the cyber crime ecosystem, facilitating ransomware attacks and other serious threats.

“This activity demonstrates how, working alongside international partners, [the NCA] are having an impact on those key enablers and the ransomware business model.”

2023 has seen its fair share of criminal activity in the digital space, with bad actors seeking to steal finances, sensitive data or withhold key services.

It has been found that government sectors experienced the longest attacks of any sector, which changed from healthcare in 2022, stressing the need for greater resilience moving forward. Across all industries, Zayo Group found that the average duration of attacks increased by 216% from Q1 to Q2 in 2023.

Whilst Qakbot is an excellent example of how malware can be stopped from causing further damage, it will be important for businesses and key organisations to collaborate on ensuring future successes within cybersecurity and data protection. 


For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.


BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.


Featured Articles

Tech & AI LIVE: Key Events that are Vital for Cybersecurity

Connecting the world’s technology and AI leaders, Tech & AI LIVE returns in 2024, find out more on what’s to come in 2024

MWC Barcelona 2024: The Future is Connectivity

Discover the latest in global technology and connectivity at MWC Barcelona 2024, where industry giants converge to discuss 5G, AI and more industry trends

AI-Based Phishing Scams Are On The Rise This Valentine’s Day

Research from Egress Threat Intelligence, Avast, Cequence Security & KnowBe4 outlines how AI is being used in dating app phishing scams on Valentine’s Day

Speaker Lineup Announced for Tech Show London 2024

Technology & AI

Darktrace predicts AI deepfakes and cloud vulnerabilities

Cloud Security

Secure 2024: AI’s impact on cybersecurity with Integrity360

Technology & AI