The SecurityScorecard STRIKE team aided U.S. law enforcement in a long-term investigation of Qakbot, a malware used by ransomware groups. Russian national Rustam Rafailevich Gallyamov was indicted, leading to $24 million in seized assets. The disruption marked a shift from infrastructure takedown to actor attribution. Gallyamov operated Qakbot since 2008, supporting major ransomware activities, and faces up to 25 years in prison if convicted.
Table of contents
Key Takeaways:STRIKE’s Role in Supporting IdentificationQakbot’s Role in Ransomware DeploymentTactic Shift After DisruptionWhat This Means for Cybercrime DisruptionSort: