FBI Takes Down $24 Million Crypto Cache from Russian Malware Mastermind

The U.S. authorities have initiated legal action to take control of approximately $24 million worth of digital currency linked to Rustam Rafailevich Gallyamov, a Russian individual charged with overseeing the creation and dissemination of the Qakbot malware.

As stated in a press announcement on the 22nd of May, the Department of Justice claims that Gallyamov was instrumental in utilizing Qakbot within a wider cybercriminal activity. This activity reportedly targeted computers worldwide, allowing for subsequent ransomware attacks.

From Malware Deployment to Global Ransomware Attacks

Federal investigators allege that Gallyamov, based in Moscow, managed the botnet (network of infected computers) linked to Qakbot, a complex piece of malware initially released in 2008. The malware was used to infiltrate computers and hand access to fellow conspirators, who carried out ransomware attacks using variants such as REvil, Conti, Black Basta, and Cactus.

As a result, it’s said that Gallyamov was given a portion of the ransom money. The DOJ underlined that this seizure signifies an ongoing international collaboration between U.S., European, and Canadian law enforcement agencies aimed at dismantling cybercriminal groups.

Based on the DOJ’s indictment, Gallyamov’s cyber activities significantly increased starting from 2019. Qakbot was employed to invade numerous systems and build a wide botnet of infected machines. After being breached, these systems were handed over to ransomware operators for further operations.

In August 2023, a joint task force from multiple nations, led by the U.S., effectively dismantled the Qakbot network and confiscated digital assets linked to the operation, including 170 Bitcoins and millions worth of stablecoins like Tether (USDT) and Circle US Dollar Coin (USDC). However, even after this takedown, the Department of Justice claims that Gallyamov and his associates persisted in scamming victims through alternative means.

The Justice Department’s recent accusation reveals a change in strategy after the 2023 disruption. Gallyamov and his associates allegedly used “spam bomb” methods to deceive employees into granting access to internal systems, which prosecutors believe enabled the continued deployment of ransomware up until 2025.

These attacks allegedly used both Black Basta and Cactus ransomware to strike victims within the U.S. In the course of its ongoing investigation, the FBI carried out another seizure on April 25, 2025, confiscating approximately 30 Bitcoin and over $700,000 worth of stablecoins.

DOJ’s International Coordination and Recovery Efforts

The Department of Justice’s civil lawsuit aims to legally secure over $24 million in cryptocurrency obtained illegally, with the goal of returning these funds to the affected parties. This action highlights a joint international effort that includes the FBI offices in Los Angeles and Milwaukee, Europol, and cybersecurity teams from France, Germany, the Netherlands, and other nations.

The Department of Justice (DOJ) attributed the successful identification and disruption of Gallyamov’s activities to this collaboration. Prosecutors from the Central District of California, along with officials from the DOJ’s Computer Crime and Intellectual Property Section, are spearheading the case.

In a series of public statements, representatives from the DOJ and the FBI have reinforced their dedication to breaking down the global network of cybercrime. They plan to use every legal resource at their disposal, such as indictments, forfeiture proceedings, and international law enforcement collaboration, to bring criminal offenders to justice and provide restitution to affected parties. US Attorney Bill Essayli, representing the Central District of California, made this announcement.

The legal action to claim over $24 million worth of digital assets likewise underscores the Department of Justice’s dedication to confiscating unlawfully obtained wealth from wrongdoers, with the ultimate goal of reimbursing affected parties.

2025-05-24 17:17