$24 Million in Crypto Seized From Russian Qakbot Malware Leader

$24 Million in Cryptocurrency Seized from Russian Malware Network

  • Authorities seized over $24 million in cryptocurrency from the leader of a Russian cybercrime group.
  • Rustam Rafailevich Gallyamov was indicted for creating and managing the Qakbot Malware used in global Ransomware attacks.
  • The coordinated investigation included agencies from the U.S., France, Germany, Netherlands, Denmark, the U.K., and Canada.
  • Despite law enforcement efforts in 2023, Gallyamov and associates continued cyberattacks with new tactics.
  • The U.S. Department of Justice aims to return the seized funds to victims.

Agencies from several countries joined forces in a multinational operation that led to the seizure of more than $24 million in cryptocurrency from Rustam Rafailevich Gallyamov, a Russian national accused of leading a cybercriminal group. Officials indicted Gallyamov on federal charges following actions coordinated by the United States, France, Germany, the Netherlands, Denmark, the United Kingdom, and Canada to target cybercrime networks.

- Advertisement -

According to prosecutors, the Federal Bureau of Investigation (FBI) and its international partners disrupted Gallyamov’s illegal bot network in 2023, but he continued to find new ways to distribute his malware to other cyber gangs. Assistant Director Akil Davis of the FBI’s Los Angeles Field Office stated that Gallyamov worked with criminal organizations carrying out ransomware attacks worldwide.

Court documents state that Gallyamov began developing the Qakbot malware in 2008, then used it from 2019 to infect thousands of computers and create a botnet—a network of hacked machines remotely controlled to spread further attacks. Once inside victim systems, Gallyamov allowed his collaborators to use ransomware such as Prolock, Dopplepaymer, Egregor, REvil, Conti, Name Locker, Black Basta, and Cactus for financial gain. He received a share of the ransoms sent by individuals and companies targeted by these attacks.

Even after authorities dismantled the Qakbot botnet, Gallyamov and his group found new ways to continue their operations. The indictment details their use of “spam bomb” attacks, which bombard companies with large volumes of email spam intended to trick employees into giving up access credentials. The Department of Justice alleges that as recently as January 2025, Gallyamov led such attacks against U.S. companies and deployed new ransomware variants.

On April 25, the FBI, acting on a seizure warrant, confiscated more than 30 Bitcoin and additional cryptocurrency—worth over $24 million as detailed by the Department of Justice. Officials filed a civil forfeiture complaint in California to transfer the seized funds back to victims.

For further details or follow-up, readers are directed to contact editorial@rttnews.com or refer to Business News.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest News

Elon Musk’s New ‘America Party’ to Back Bitcoin, Embrace Tech

Elon Musk plans to create a centrist political group called the 'America Party' after...

UAE Denies TON’s Golden Visa Offer for $100K Staked Toncoin

The Open Network (TON) announced a program offering 10-year UAE Golden Visas to applicants...

Putin: 90% of BRICS Transactions Now Settled in Local Currencies

BRICS confirmed that 90% of all transactions among member countries are now settled in...

Bitcoin, Major Cryptos Jump as US Eyes Trade Deals Before Tariff Deadline

Major cryptocurrencies increased Sunday following comments from U.S. Treasury Secretary Scott Bessent about imminent...

Must Read

What Is a Sim Swap Hack?

You've likely heard the term 'sim-swap,' but do you really know what it means? It's a type of fraud that's rapidly increasing, where scammers...