International operation dismantles Qakbot malware, 22 servers seized in the Netherlands

22 servers linked to Qakbot, one of the world's largest botnets, were seized and taken offline by the Dutch police as part of an international cybercrime operation, the Public Prosecution Service and the police announced in a joint press release on Tuesday. Cybercriminals used this botnet infrastructure to commit ransomware, financial fraud, and other cybercriminal activities.

The operation, the largest against a botnet infrastructure, was a collaboration between authorities from the Netherlands, the United States, Germany, France, the United Kingdom, Romania, and Lithuania. It took place overnight from Friday to Saturday and was coordinated by the United States. In the Netherlands, 22 servers linked to Qakbot were seized and taken offline. Eight servers were also taken offline in Germany and six in France.

Qakbot infected computers primarily through spam emails containing malicious attachments or links. Once someone downloaded the attachment or clicked on the link, Qakbot could deploy additional malware to their computer, which became part of a botnet network that could be controlled remotely.

Qakbot played a significant role in global cybercrime in recent years as it opened the door for other cybercrimes. Large criminal organizations paid for access to infected computer networks, where they then installed ransomware. Users of these infected computers often remain unaware that they have been compromised. Estimates from the FBI suggest that since its creation in 2008, Qakbot malware has caused hundreds of millions of dollars in losses worldwide.

The Dutch police have identified 7.6 billion stolen credentials, including email addresses and login information. People can check if their credentials are infected by visiting www.politie.nl/checkjehack.