Protect Yourself from Cyberattacks: Home Tech and Internet Security Tips

2023-08-29 20:26:15

Home Tech / Web Internet security Cyberattacks

Investigators were able to establish that the modus operandi was to deploy malware on computers. Once infected, cybercriminals demanded ransoms in cryptocurrency.

Published on 08/29/2023 22:26

Reading time: 1 min.

The section for the fight against organized cybercrime (Junalco) of the Paris public prosecutor’s office supervised the French part of the investigation. (Illustrative photo) (ANNETTE RIEDL / DPA)

The Qakbot malicious network (also called Qbot or Pinkslipbot) was dismantled on Saturday August 26 thanks to an international operation involving France, franceinfo learned on Tuesday August 29 via a press release from the Paris prosecutor’s office. The operation also resulted in the seizure of $8.6 million in cryptocurrencies.

>> REPORT. Cyberattacks: how do CyberGEND investigators track down hackers?

Behind this international operation, the police and judicial authorities of the United States, Germany, the Netherlands and France. The prosecutor specifies that the section for the fight against organized cybercrime (Junalco) of the Paris prosecutor’s office supervised the French part.

700,000 computers infected worldwide

The modus operandi of the cybercriminals was to “deploy their Qakbot malware through cyber phishing [le fait de demander à un particulier des informations personnelles via un mail d’apparence légitime par exemple] on targeted computers”. Once this step was completed, cybercriminals implanted malicious software, such as ransomware [logiciel de rançon], in machines. All of the infected computers were then connected together in the form of a network (botnet) “may be sold as such to other cybercriminals”. It was at that time that “these were able to demand ransoms in crypto-currencies, without the victims even being aware beforehand of being infected”.