
How initial access offers power intrusions and ransomware
Initial access brokers (IABs) sell access to compromised organizations on underground forums. Here's an analysis looking at whether these offers can be correlated to ransomware attacks.
[Image: Cybercrime Exposed Botnet Breakup]
Over many years, a cybercriminal gang likely based in Russia built a huge network of interconnected, hacked computers. They did this one inbox at a time. They sent spam messages with fake documents and malicious links, tricking people into opening malicious software. The network of hacked computers was called Qakbot, or QBot. The botnet was used by cybercriminal gangs to infiltrate computers, steal their data, conduct financial crime and deploy ransomware. But in 2023, law enforcement hacked the hackers. They cut Qakbot off from the cybercriminal group that controlled it. They also removed Qakbot from hundreds of thousands of infected computers, a mission that stretched across the internet. But the battle against this group continues.
Participants:
Selena Larson, Senior Threat Intelligence Analyst, Proofpoint
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471
The disruption of the XSS cybercrime forum and the arrest of its administrator in Ukraine in July 2025 have shaken Russian-speaking cybercriminal communities to their core and raised questions about whether the forum can recover.
The Lumma infostealer malware collects highly sensitive data including logins and session tokens. Here's how to conduct a threat hunt leveraging up-to-date tactics, techniques and procedures used by Lumma.