The U.S. Department of Justice (DOJ) has filed a civil forfeiture complaint to seize more than $24 million in cryptocurrency from Russian national Rustam Rafailevich Gallyamov, who is accused of developing Qakbot malware.
According to a May 22 announcement, the Department of Justice unsealed a federal indictment charging the 48-year-old from Moscow. Gallyamov is allegedly the malware developer behind the Qakbot botnet.
“Today, the Department of Justice’s latest move to the Qakbot malware program has sent a clear message to the cybercrime community,” said Matthew Galeotti, head of the Justice Department’s Criminal Division.
Galeotti stressed that the Justice Department is “decided to hold cybercriminals accountable.” He added that the department will “use all legal tools” to “identify you, accuse you, seize your rudeness and destroy your criminal activities.”
More than $24 million was confiscated
U.S. Attorney Bill Essayli of the Central District of California explained that “the criminal charges and forfeiture cases announced today are part of the ongoing effort” to “identify, undermine and possess responsible cybercriminals.” He added:
“The forfeiture lawsuit for more than $24 million in virtual assets also demonstrates the Justice Department’s commitment to seizing ill-gotten gains from criminals to ultimately compensate the victims.”
Qakbot was weakened by the agency and its partners in 2023, said Akil Davis, assistant director of the FBI’s Los Angeles field office. Gallyamov allegedly continued to deploy alternative methods to deliver his malware to potential partners.
Qakbot used in global ransomware attacks
Gallyamov allegedly operated the Qakbot malware in 2008. In 2019, he used it to infect thousands of victim computers to build a so-called botnet.
Access to computers that were part of the botnet was sold to others, who infected them with ransomware, including Prolock, DoppelPaymer, Egregor, REvil, Conti, Name Locker, Black Basta and Cactus. In 2023, an international action led by the United States took down the Qakbot botnet and malware.
At that time, more than 170 Bitcoin (BTC) and over $4 million in USDT and USDC stablecoins were seized from Gallyamov. According to the indictment, he and his collaborators continued the campaign after being interrupted, adopting new techniques, including direct deployment of Black Basta and Cactus ransomware.