Skip to content
  • Blog Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form

Russian Qakbot Gang Leader Indicted in US

Posted on May 23, 2025May 23, 2025 By CWS

A Russian nationwide has been indicted within the US for main the cybercrime group behind the notorious Qakbot malware and botnet.

The person, Rustam Rafailevich Gallyamov, 48, allegedly “developed, deployed, and managed the Qakbot malware starting in 2008”.

Often known as Pinkslipbot and QBot, Qakbot was distributed by means of spam campaigns, hijacked electronic mail threads, or the exploitation of recognized vulnerabilities in internet-facing belongings.

In keeping with the newly unsealed indictment (PDF), beginning 2019, the Qakbot gang, led by Gallyamov, contaminated tons of of hundreds of computer systems worldwide, ensnaring them in a botnet.

Victims of the assaults included healthcare, insurance coverage, manufacturing, advertising and marketing, music, actual property, expertise, and telecommunications organizations within the US.

Gallyamov and his co-conspirators allegedly offered entry to Qakbot-infected machines to different cybercriminals, who deployed ransomware households similar to Black Basta, Cactus, Conti, Doppelpaymer, Egregor, Title Locker, Prolock, and REvil.

Gallyamov himself allegedly contaminated a few of the victims with the Black Basta and Cactus ransomware households.

“Ransomware victims have been then extorted by defendant Gallyamov and his coconspirators to pay ransoms to regain entry to and/or stop the dissemination of their non-public knowledge. Defendant Gallyamov and his coconspirators obtained a portion of any ransom paid,” the indictment reads.Commercial. Scroll to proceed studying.

In August 2023, legislation enforcement companies in a number of nations took down Qakbot’s infrastructure, disrupting the botnet and seizing tens of millions of {dollars} in cryptocurrency. Quickly after, nevertheless, the Qakbot gang was seen persevering with the deployment of ransomware and malware.

In keeping with the indictment, as of Could 2025, Gallyamov continues to interact in actions involving laptop hacking, malware deployment, knowledge theft, and extortion. As a substitute of utilizing a botnet, the cybercriminal has relied on ‘spam bombing’ to focus on sufferer organizations.

A civil forfeiture criticism (PDF) filed by the Division of Justice on Thursday reveals that, on April 25, 2025, pursuant to a seizure warrant, authorities seized an extra $4 million in cryptocurrency from Gallyamov. The US estimates that the illicit proceeds seized from Gallyamov are value over $24 million.

The actions in opposition to Gallyamov have been taken along side Operation Endgame, an ongoing worldwide legislation enforcement effort to disrupt cybercrime operations worldwide. This week, authorities introduced the takedown of DanaBot and Lumma Stealer as a part of Operation Endgame.

Associated: US Broadcasts Botnet Takedown, Fees Towards Russian Directors

Associated: US Indicts China’s iSoon ‘Hackers-for-Rent’ Operatives

Associated: US Fees Genesis Market Consumer

Associated: US Fees 5 Folks Over North Korean IT Employee Scheme

Security Week News Tags:Gang, Indicted, Leader, Qakbot, Russian

Post navigation

Previous Post: 300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide
Next Post: ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

Related Posts

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday Security Week News
NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch Security Week News
Airoha Chip Vulnerabilities Expose Headphones to Takeover Security Week News
Technical Details Published for Critical Cisco IOS XE Vulnerability Security Week News
Trustifi Raises $25 Million for AI-Powered Email Security Security Week News
New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA Security Week News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • The Wild Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore
  • Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
  • SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover
  • Exploits, Technical Details Released for CitrixBleed2 Vulnerability
  • PoC Exploits for CitrixBleed2 Flaw Released – Attackers Can Exfiltrate 127 Bytes Per Request

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • The Wild Wild West of Agentic AI – An Attack Surface CISOs Can’t Afford to Ignore
  • Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
  • SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover
  • Exploits, Technical Details Released for CitrixBleed2 Vulnerability
  • PoC Exploits for CitrixBleed2 Flaw Released – Attackers Can Exfiltrate 127 Bytes Per Request

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News