The US government has convicted Russian national Rustam Rafailevich Gallyamov, leader of the Qakbot botnet malware operation, which compromised over 700,000 computers and enabled ransomware attacks.
According to court documents, Gallyamov began developing Qakbot (also known as Qbot and Pinkslipbot) in 2008 and deployed it to create a network of thousands of infected computers.
Over time, a team of developers formed around Qakbot, but the prosecution stated that other malware was also created under Gallyamov's leadership.
For almost a decade, Gallyamov used Qakbot as a banking trojan with worm capabilities, a malware dropper, or a backdoor that could also record keystrokes.
Starting in 2019, Qakbot became an initial infection vector in several ransomware attacks by notorious gangs such as Conti, ProLock, Egregor, REvil, RansomExx, MegaCortex, DoppelPaymer, Black Basta, and Cactus.
For providing initial access, Gallyamov allegedly received a part of the ransom paid by the victims. The payment varied depending on the arrangement with each ransomware group.
Over $24 million in digital assets seized
According to the prosecution, Qakbot infections led to hundreds of ransomware victims worldwide. The list includes private companies, healthcare providers and government agencies.
The compromises caused losses of millions of dollars. In just 18 months, the financial losses exceeded $58 million.
In 2023, the Qakbot botnet was taken down by the FBI after it hacked into parts of the botnet's infrastructure and took control of a computer used by a Qakbot administrator.
Despite this, Gallyamov continued malicious operations and “orchestrated spam bomb attacks against victims in the United States as recently as January 2025.”
Earlier today, the Department of Justice filed a complaint against more than $24 million in cryptocurrency seized from Gallyamov during the investigation.
Last month, the FBI seized more illegal assets: 30 bitcoins and $700,000 in USDT tokens, which is more than $4 million at today’s exchange rate.
The law enforcement action was taken in connection with Operation Endgame, an international effort that led to the seizure of many botnets and malware loaders (such as IcedID, Pikabot, Trickbot, Bumblebee, SmokeLoader, and SystemBC).