US Indicts Russian National Over Alleged Role in Qakbot Ransomware Attacks
The Department of Justice (DOJ) on May 22 unsealed charges against a Russian citizen accused of leading a cybercriminal group responsible for the Qakbot malware, which has targeted hundreds of thousands of computers across the United States and globally.
Rustam Rafailevich Gallyamov, 48, of Moscow, allegedly created Qakbot in 2008 and began using it in 2019 to infect computers with ransomware, targeting companies in various sectors, including a dental clinic in Los Angeles, a music company in Tennessee and an insurance company in Maryland, according to the
After infiltrating victims' computers, Gallyamov and his co-conspirators allegedly demanded ransom payments from victims seeking to regain access to their computers and prevent the release of stolen private data.
Prosecutors stated that Gallyamov also partnered with ransomware groups by giving them access to compromised computers in exchange for a share of the ransom payments collected from victims.
The DOJ said that it has filed a complaint seeking the forfeiture of more than $24 million in cryptocurrency seized from Gallyamov throughout the investigation, as it aims to return those funds to victims.
'The criminal charges and forfeiture case announced today are part of an ongoing effort with our domestic and international law enforcement partners to identify, disrupt, and hold accountable cybercriminals,' U.S. Attorney Bill Essayli for the Central District of California said in a
Related Stories
2/13/2025
5/8/2024
'The forfeiture action against more than $24 million in virtual assets also demonstrates the Justice Department's commitment to seizing ill-gotten assets from criminals in order to ultimately compensate victims.'
In 2023, a U.S.-led multinational operation—joined by France, Germany, the Netherlands, the United Kingdom, Romania, and Latvia—disrupted the Qakbot botnet and malware, seizing about $8.6 million in cryptocurrency, according to a previous
At the time, authorities discovered that Qakbot had infected more than 700,000 computers worldwide, including 200,000 in the United States.
According to the indictment, Gallyamov and his co-conspirators allegedly resorted to another hacking mechanism named the 'spam bomb' attack to trick employees of targeted companies into granting access to their computer systems.
Earlier this year, the defendant allegedly carried out spam bomb attacks against companies in the United States by flooding their inboxes with email subscriptions, the DOJ stated.
'Mr. Gallyamov's bot network was crippled by the talented men and women of the FBI and our international partners in 2023, but he brazenly continued to deploy alternative methods to make his malware available to criminal cyber gangs conducting ransomware attacks against innocent victims globally,' Akil Davis, assistant director in charge at the FBI's Los Angeles Field Office, said in a statement.
Gallyamov could be sentenced to up to 25 years in prison if found guilty of the charges.
The Epoch Times could not reach Gallyamov or his legal representative by publication time.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Fox News
39 minutes ago
- Fox News
Former DC teacher arrested, charged with soliciting child pornography: DOJ
A former Washington, D.C., schoolteacher has been arrested by the FBI for allegedly soliciting child pornography from a minor, the Justice Department said Monday. Devonne Keith Brown, 56, who taught health at the IDEA Public Charter School, is accused of soliciting child sexual abuse materials from a young girl in Prince George's County, Maryland. "Those who prey on minors to solicit the production of CSAM are morally reprehensible and will be held accountable for their heinous crimes," said Steven Jensen, assistant director in charge of the FBI Washington Field Office. "The FBI remains committed to protecting our children and ridding our communities of this grievous scourge." Brown is charged with one count of receipt of child pornography and appeared in court Monday. He was detained by a judge pending a Thursday hearing. In addition to soliciting child porn, Brown also allegedly used CashApp to send payments to the minor, federal prosecutors said. "for snacks ? more photos otw," one comment states on a $15 CashApp request sent to Brown from a minor, according to court documents. The unidentified minor told investigators that she met a man named "Joseph" at a grocery store near her home. She said the man sent her money for ice cream via the app. After communicating with the man on social media, she sent him nude images of herself, authorities said. The man who went by "Joseph" also sent the minor images of nude women and asked her to recreate them for him, prosecutors said. Upon further investigation, authorities allege that they also found sexually graphic images and videos in emails sent to Brown by minors. In a statement to FOX 5 DC, the charter school said it was "deeply concerned" by the allegations against Brown. "This individual is no longer employed by the school," the school said. "The safety and well-being of our students is our highest priority. We are fully cooperating with law enforcement and supporting their ongoing investigation. Based on the information currently available to us, there is no indication that any IDEA student was directly involved." Fox News Digital has reached out to the school.
Yahoo
44 minutes ago
- Yahoo
Colorado Springs neighbor says Boulder terror attack suspect lived next door
Bradley Davis COLORADO SPRINGS, Colo. (KRDO) – A family in the Cimarron Hills area of Colorado Springs said they recognized the man arrested in Boulder for the attack on Israeli hostage protestors as their neighbor. A man reportedly set people on fire on Sunday, leaving multiple people hurt as people gathered for a demonstration in support of the Israeli hostages. The neighbors wanted their names to be anonymous, but the mother said a man living at the apartment complex investigated by the FBI Sunday night introduced himself to her as 'Mohamed' when they moved in two years ago. The FBI said their suspect in custody is a man named Mohamed Soliman. According to Stephen Miller, who is serving as White House deputy chief of staff for policy and homeland security advisor, the suspect was living in the country illegally on an overstayed visa. Miller said he was granted a tourist visa under the Biden Administration. 'This is scary. I'm going to be honest, this is scary,' the woman said. 'Especially the times that we live in. You see someone's car pull up, and you don't know who is who.' The mother's young daughter said she went next door to play with the man's children on a regular basis. She said she was going over to do the same Saturday, a day before the attack, when she said the whole family piled into their SUV in a rush, ignoring her as she walked over to their door. 'My mom asked me if they waved or not, and they didn't because the dad was driving, and he was rushing,' she said. 'You saw the dad driving on Saturday?' KRDO13's Bradley Davis asked. 'Yes.' 'Did he look like the picture of the man you saw who got arrested?' 'Yes.' She also said she saw the dad, introduced to them as Mohamed, walking out of the apartment with a large black bag and a yellow long-nosed lighter shortly before leaving. Both said they heard the FBI investigators when they came to their street on Sunday. The mother said the agents started further up the street and assumed it was about someone she didn't know until she heard them close in on their neighbor's home. 'You heard them yell out the address, and that's when we knew,' she said. The daughter said she heard a loud banging and believes it was the FBI agents entering the home. Both said they did not see any of the family members during the whole process. They said all the family's cars are gone from the street and driveway. The woman said the FBI did not contact them to ask about Mohamed or the family. She said they have eaten together, and they always seemed like a normal, neighborly family. The FBI said it was investigating the home in Cimarron Hills in connection with what the agency is calling a terror attack in Boulder. It has not been officially confirmed by law enforcement that it is the residence of their suspect, Mohamed Soliman. Law enforcement officials said there are now 8 victims in the attack, where Soliman allegedly used a makeshift flamethrower to burn the Israeli hostage protestors. Click here to follow the original article.
Yahoo
44 minutes ago
- Yahoo
Honduran national charged after entering Florida Navy base illegally following crash: DOJ
A Honduran national has been charged in federal court after he allegedly crashed a vehicle into a barricade outside the Pensacola, Florida, Navy base and entered the base illegally while running from law enforcement, according to the Department of Justice (DOJ). Orly Moises Garcia Hernandez, 34, has been charged with illegally entering a military, Naval or Coast Guard property, and resisting or impeding arrest by a federal officer, the DOJ said in a news release. On May 25, Garcia Hernandez allegedly crashed into a barricade outside a checkpoint at the Naval Air Station Pensacola gate, then ran from military forces onto the base to escape apprehension. Ice Files Detainers Against 2 Illegal Aliens, Including 1 Facing Attempted Murder Charges For Shooting Spree Military police ultimately captured Garcia Hernandez at gunpoint after the foot pursuit. If he is convicted, Garcia Hernandez could face up to 18 months in prison and deportation. Read On The Fox News App Accused Ms-13 Ringleader One Step Closer To Deportation After Judge Dismisses Charges Santa Rosa County Jail records show Garcia Hernandez is being held without bond. The investigation into Garcia Hernandez's alleged actions is being handled by the U.S. Navy and Homeland Security Investigations. Tom Homan Vows Action As California Set To Release Illegal Immigrant Who Killed Two Teens The DOJ said the case is part of Operation Take Back America, a nationwide initiative that streamlines efforts and resources within the Department of Homeland Security to not just crack down on illegal immigration but also achieve the total elimination of cartels and transnational criminal organizations (TCOs) and protect our communities from the "perpetrators of violent crimes." The operation also streamlines efforts and resources from the DHS's Organized Crime Drug Enforcement Task Forces (OCDETFs) and Project Safe Neighborhood (PSN).Original article source: Honduran national charged after entering Florida Navy base illegally following crash: DOJ
