- Authorities seized over $24 million in cryptocurrency from the leader of a Russian cybercrime group.
- Rustam Rafailevich Gallyamov was indicted for creating and managing the Qakbot Malware used in global Ransomware attacks.
- The coordinated investigation included agencies from the U.S., France, Germany, Netherlands, Denmark, the U.K., and Canada.
- Despite law enforcement efforts in 2023, Gallyamov and associates continued cyberattacks with new tactics.
- The U.S. Department of Justice aims to return the seized funds to victims.
Agencies from several countries joined forces in a multinational operation that led to the seizure of more than $24 million in cryptocurrency from Rustam Rafailevich Gallyamov, a Russian national accused of leading a cybercriminal group. Officials indicted Gallyamov on federal charges following actions coordinated by the United States, France, Germany, the Netherlands, Denmark, the United Kingdom, and Canada to target cybercrime networks.
According to prosecutors, the Federal Bureau of Investigation (FBI) and its international partners disrupted Gallyamov’s illegal bot network in 2023, but he continued to find new ways to distribute his malware to other cyber gangs. Assistant Director Akil Davis of the FBI’s Los Angeles Field Office stated that Gallyamov worked with criminal organizations carrying out ransomware attacks worldwide.
Court documents state that Gallyamov began developing the Qakbot malware in 2008, then used it from 2019 to infect thousands of computers and create a botnet—a network of hacked machines remotely controlled to spread further attacks. Once inside victim systems, Gallyamov allowed his collaborators to use ransomware such as Prolock, Dopplepaymer, Egregor, REvil, Conti, Name Locker, Black Basta, and Cactus for financial gain. He received a share of the ransoms sent by individuals and companies targeted by these attacks.
Even after authorities dismantled the Qakbot botnet, Gallyamov and his group found new ways to continue their operations. The indictment details their use of “spam bomb” attacks, which bombard companies with large volumes of email spam intended to trick employees into giving up access credentials. The Department of Justice alleges that as recently as January 2025, Gallyamov led such attacks against U.S. companies and deployed new ransomware variants.
On April 25, the FBI, acting on a seizure warrant, confiscated more than 30 Bitcoin and additional cryptocurrency—worth over $24 million as detailed by the Department of Justice. Officials filed a civil forfeiture complaint in California to transfer the seized funds back to victims.
For further details or follow-up, readers are directed to contact editorial@rttnews.com or refer to Business News.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- AI Advances Bring Formal Verification to Bitcoin and Software Security
- US Senate Advances GENIUS Act, Pushing Stablecoin Regulation Forward
- Solana Shows Strength, Eyes Further Gains Amid Market Uncertainty
- Hedera Developers: Comparing Options for JSON RPC Relay Setup
- Sui’s Cetus Hacked, $223M Stolen, Funds Frozen in Rare Move
