$24 Million in Crypto Seized From Russian Qakbot Malware Leader

$24 Million in Cryptocurrency Seized from Russian Malware Network

  • Authorities seized over $24 million in cryptocurrency from the leader of a Russian cybercrime group.
  • Rustam Rafailevich Gallyamov was indicted for creating and managing the Qakbot Malware used in global Ransomware attacks.
  • The coordinated investigation included agencies from the U.S., France, Germany, Netherlands, Denmark, the U.K., and Canada.
  • Despite law enforcement efforts in 2023, Gallyamov and associates continued cyberattacks with new tactics.
  • The U.S. Department of Justice aims to return the seized funds to victims.

Agencies from several countries joined forces in a multinational operation that led to the seizure of more than $24 million in cryptocurrency from Rustam Rafailevich Gallyamov, a Russian national accused of leading a cybercriminal group. Officials indicted Gallyamov on federal charges following actions coordinated by the United States, France, Germany, the Netherlands, Denmark, the United Kingdom, and Canada to target cybercrime networks.

- Advertisement -

According to prosecutors, the Federal Bureau of Investigation (FBI) and its international partners disrupted Gallyamov’s illegal bot network in 2023, but he continued to find new ways to distribute his malware to other cyber gangs. Assistant Director Akil Davis of the FBI’s Los Angeles Field Office stated that Gallyamov worked with criminal organizations carrying out ransomware attacks worldwide.

Court documents state that Gallyamov began developing the Qakbot malware in 2008, then used it from 2019 to infect thousands of computers and create a botnet—a network of hacked machines remotely controlled to spread further attacks. Once inside victim systems, Gallyamov allowed his collaborators to use ransomware such as Prolock, Dopplepaymer, Egregor, REvil, Conti, Name Locker, Black Basta, and Cactus for financial gain. He received a share of the ransoms sent by individuals and companies targeted by these attacks.

Even after authorities dismantled the Qakbot botnet, Gallyamov and his group found new ways to continue their operations. The indictment details their use of “spam bomb” attacks, which bombard companies with large volumes of email spam intended to trick employees into giving up access credentials. The Department of Justice alleges that as recently as January 2025, Gallyamov led such attacks against U.S. companies and deployed new ransomware variants.

On April 25, the FBI, acting on a seizure warrant, confiscated more than 30 Bitcoin and additional cryptocurrency—worth over $24 million as detailed by the Department of Justice. Officials filed a civil forfeiture complaint in California to transfer the seized funds back to victims.

For further details or follow-up, readers are directed to contact editorial@rttnews.com or refer to Business News.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

- Advertisement -

Previous Articles:

BitNewsBot Newsletter Subscription
- Advertisement -

Latest News

Trump Administration Unveils Ambitious Plan for Golden Age of Crypto

Donald Trump’s administration prepares to launch a pro-cryptocurrency policy shift in the U.S. The new...

Chinese Firms Behind Silk Typhoon Hold Patents for Hacking Tools

Chinese companies linked to the state-backed Hacking group Silk Typhoon (also known as Hafnium)...

Morgan Stanley Warns: US Dollar Could Drop 9% by 2025

Morgan Stanley forecasts the U.S. dollar could drop up to 9% in value over...

ZA Group Leads $40M in RD Technologies as HK Stablecoin Law Starts

ZA Group led a $40 million Series A2 funding round in RD Technologies, a...

China Jails Tech Exec for $19.5M Crypto Laundering, Recovers $11M

Chinese authorities sentenced a former tech executive to 14.5 years in prison for embezzling...

Must Read

Best Metaverse Tokens to Buy on Binance for 10X Gains

Ever since Facebook renamed their company to Meta, as well as their plans to build a metaverse where we can travel into using Virtual...