American taxpayers to receive $24 million recovered from a Russian cybercriminal mastermind who spent 15 years extorting US businesses through sophisticated malware attacks.
Key Takeaways
- Russian national Rustam Gallyamov has been charged with developing and controlling the Qakbot malware, which infected over 700,000 computers worldwide, including 200,000 in the US.
- Federal authorities have seized over $24 million in cryptocurrency from Gallyamov to compensate victims of his ransomware schemes.
- Gallyamov partnered with notorious ransomware gangs, providing access to compromised systems for a share of the ransom payments.
- Despite a 2023 multinational operation that disrupted his botnet, Gallyamov continued deploying alternative methods for distributing malware.
- If convicted, Gallyamov faces up to 25 years in federal prison, though he remains at large in Russia.
Russian Cybercriminal Charged in Massive Qakbot Malware Operation
Federal prosecutors in Los Angeles have charged Russian national Rustam Gallyamov with orchestrating a global cybercriminal enterprise that has plagued American businesses for over a decade. The 48-year-old Russian is accused of developing and controlling the notorious Qakbot malware since 2008, using it to create an extensive botnet of infected computers across multiple countries. Gallyamov faces serious charges including conspiracy to commit computer fraud and abuse, and conspiracy to commit wire fraud, highlighting the Biden administration’s continued failure to protect American businesses from foreign cyber threats.
“The criminal charges and forfeiture case announced today are part of an ongoing effort with our domestic and international law enforcement partners to identify, disrupt, and hold accountable cybercriminals,” said U.S. Attorney Bill Essayli for the Central District of California. “The forfeiture action against more than $24 million in virtual assets also demonstrates the Justice Department’s commitment to seizing ill-gotten assets from criminals in order to ultimately compensate victims.”
Sophisticated Ransomware Scheme Targeted American Businesses
The Russian cybercriminal’s operation was exceptionally sophisticated, using “spam bomb” attacks to trick employees into granting access to company networks. Once inside, Gallyamov provided access to co-conspirators who deployed dangerous ransomware variants including ProLock, DoppelPaymer, and Egregor. Victims spanned various sectors, including a dental clinic in Los Angeles, a music company in Tennessee, and an insurance company in Maryland. While our border remains wide open to illegal immigrants receiving taxpayer benefits, American businesses continue to suffer attacks from foreign adversaries.
“Mr. Gallyamov’s bot network was crippled by the talented men and women of the FBI and our international partners in 2023, but he brazenly continued to deploy alternative methods to make his malware available to criminal cyber gangs conducting ransomware attacks against innocent victims globally,” said Akil Davis, assistant director in charge at the FBI’s Los Angeles Field Office.
Millions Recovered While Criminal Remains at Large
In a significant victory for law enforcement, the Department of Justice has filed a civil forfeiture complaint against over $24 million in cryptocurrency seized from Gallyamov’s criminal enterprise. In August 2023, authorities seized more than 170 bitcoin and over $4 million in additional cryptocurrency tokens. This followed a U.S.-led multinational operation that disrupted the Qakbot botnet and recovered an additional $8.6 million in cryptocurrency. The funds will be used to compensate victims of these devastating attacks, though accountability remains incomplete.
Despite these charges, Gallyamov remains beyond the reach of American law enforcement, believed to be safely residing in Russia. This case highlights the ongoing challenges in bringing international cybercriminals to justice, particularly those operating from countries that refuse to cooperate with U.S. authorities. If convicted, Gallyamov faces up to 25 years in federal prison, but without extradition from Russia, these charges may remain merely symbolic. Meanwhile, American taxpayers continue funding government agencies that seem perpetually one step behind sophisticated foreign threats.