The Resurgence of Qakbot—Why the Feds' Takedown Wasn't the Final Chapter


Published on Oct 6, 2023   —   2 min read

Just when we thought the notorious Qakbot ransomware gang was down for the count, they've made a comeback that's as surprising as finding out your retired network engineer grandma is a secret Fortnite champion. In August, a multi-agency operation led by the FBI seized the gang's infrastructure and dismantled their formidable botnet. But like a villain in a superhero movie, they've returned. Let's dive into how and why this happened.

The Initial Takedown

Before the takedown, Qakbot (also known as QBot, QuackBot, and Pinkslipbot) was a significant player in the cybercrime world. According to ReliaQuest, it accounted for 30% of all malware loaders observed in the first seven months of 2023. The FBI-led operation in August seemed like a significant win, as it not only seized the gang's infrastructure but also uninstalled the malware from 700,000 computers.
