SecurityScorecard’s STRIKE team supported U.S. law enforcement Qakbot, a malware platform linked to historic and widespread ransomware.

SecurityScorecard is a publication offering insights, tutorials, and resources for cybersecurity professionals and risk managers. Readers can learn about cybersecurity risk assessment, threat intelligence, and security ratings. With reports, whitepapers, and industry analysis, SecurityScorecard provides  guidance and expertise for improving cybersecurity posture and managing digital risk.

SecurityScorecard

The SecurityScorecard STRIKE team aided U.S. law enforcement in a long-term investigation of Qakbot, a malware used by ransomware groups. Russian national Rustam Rafailevich Gallyamov was indicted, leading to $24 million in seized assets. The disruption marked a shift from infrastructure takedown to actor attribution. Gallyamov operated Qakbot since 2008, supporting major ransomware activities, and faces up to 25 years in prison if convicted.

How STRIKE Helped Identify Qakbot’s Alleged Operator and Support a $24M Asset Seizure

STRIKE’s Role in Supporting Identification

What This Means for Cybercrime Disruption