In a large-scale special operation, a cybercriminal network from the Russian Federation that infected 300,000 computers worldwide has been exposed
Kyiv • UNN
An international special operation has exposed a Russian network of hackers who infected more than 300,000 devices in various countries. Among the suspects are Russians and a Ukrainian, the investigation is ongoing.
Law enforcement officers from Great Britain, the USA, Canada, Germany, France, Denmark and the Netherlands, during a large-scale international special operation, exposed and partially neutralized a Russian cybercriminal network that infected computers with Qakbot, Danabot, Conti and other malicious programs. This is reported by UNN with reference to the publication The Guardian.
Details
It is noted that hackers from Russia and related structures infected more than 300,000 devices in the USA, Europe, Australia, Poland, India and Italy. The purpose of the attacks is data theft, blackmail, as well as cyber espionage against government, diplomatic and military institutions. Part of the stolen information was stored on servers in Russia.
The indictment states that the virus was advertised on Russian-language criminal forums, and also had a "spy version used to attack military, diplomatic, governmental and non-governmental organizations.
International investigators have identified 37 people, 20 of whom have been put on the international wanted list. The US has also charged 16 hackers, including the organizers of the Qakbot and Danabot malicious networks.
The list of suspects includes: Rustam Gallyamov (Moscow), Oleksandr Stepanov (pseudonym JimmBee) and Artem Kalinkin (Onix) from Novosibirsk, as well as Ukrainian Roman Prokop, who is considered a member of Qakbot. International investigators stated that most of the suspects are citizens of Russia.
The investigators are paying special attention to Russian Vitaliy Kovalev, who, according to the German police, is behind the Conti group. German investigators call him one of the "most successful blackmailers in the history of cybercrime".
Operation Endgame, led by Germany, has been ongoing since 2022. According to German investigators, despite the low probability of extradition of the defendants from Russia or Dubai, their identification and exposure have already dealt a powerful blow to the cybercriminal landscape.
The investigation is ongoing. In the USA, a reward of 10 million dollars has been announced for information that will help detain the leaders of Conti.
Let us remind you
Russian military intelligence hacked security cameras on the EU borders, stole passwords and carried out cyberattacks to disrupt the supply of Western aid to Ukraine, British intelligence reports.