Crypto

FBI Seizes $24 Million in Cryptocurrency from Russian Cybercrime Leader

Photo of Emma Horvath Emma Horvath Send an email May 24, 2025
0 64 2 minutes read

US DOJ Seeks to Seize Over $24 Million in Crypto Linked to Qakbot Malware

In a significant move against cybercrime, the United States Department of Justice (DOJ) has initiated a civil forfeiture action aimed at seizing more than $24 million in cryptocurrency. These assets are reportedly linked to Rustam Rafailevich Gallyamov, a Russian citizen accused of orchestrating the development and distribution of the notorious Qakbot malware.

Understanding Qakbot’s Role in Global Cybercrime

According to a DOJ press release from May 22, Gallyamov is alleged to have played a pivotal role in deploying Qakbot, a piece of sophisticated malware that has been operational since 2008. This malware is responsible for infecting computers worldwide, facilitating ransomware attacks, and causing significant disruptions.

Advertisement Banner

The Mechanics of Malware Deployment

Federal prosecutors assert that Gallyamov, based in Moscow, managed the botnet infrastructure supporting Qakbot. This malware infiltrated numerous computers, granting access to co-conspirators who carried out ransomware attacks using variants such as REvil, Conti, Black Basta, and Cactus. In return for his pivotal role, Gallyamov allegedly received a portion of the ransom payments.

International Efforts to Halt Cybercriminal Activities

The DOJ highlights this seizure as part of an ongoing international effort to dismantle cybercrime networks. This campaign involves collaboration between law enforcement agencies in the US, Europe, and Canada.

Escalation of Cyber Operations

From 2019, Gallyamov’s operations reportedly intensified, with Qakbot being used to compromise thousands of systems, creating an extensive botnet. These compromised systems were subsequently handed over to ransomware operators. A breakthrough came in August 2023 when a US-led multinational task force disrupted the Qakbot network, seizing various crypto assets tied to the operation, including 170 BTC and millions in stablecoins like USDT and USDC.

Adapting Tactics Post-Disruption

Despite this crackdown, Gallyamov and his associates reportedly evolved their tactics, employing methods such as “spam bombs” to deceive employees into opening internal systems, facilitating continued ransomware deployment. This approach reportedly persisted into 2025, utilizing ransomware variants like Black Basta and Cactus to target victims in the United States.

Coordinated Global Recovery Efforts

The DOJ’s civil forfeiture complaint seeks to formalize the seizure of over $24 million in illicit cryptocurrency proceeds with the goal of returning these funds to victims. This initiative underscores a well-coordinated international campaign involving the FBI’s Los Angeles and Milwaukee field offices, Europol, and cybersecurity divisions from multiple countries including France, Germany, and the Netherlands.

Leadership in Legal Action

Assistant US Attorneys from the Central District of California, along with officials from the DOJ’s Computer Crime and Intellectual Property Section, are spearheading the prosecution. In public statements, DOJ and FBI representatives reaffirmed their dedication to dismantling global cybercrime infrastructure. They emphasized the use of all available legal tools, including indictments, forfeiture actions, and international law enforcement cooperation, to hold perpetrators accountable and compensate victims effectively.

Official Statements on the Forfeiture Action

US Attorney Bill Essayli for the Central District of California stated, “The forfeiture action against more than $24 million in virtual assets also demonstrates the Justice Department’s commitment to seizing ill-gotten assets from criminals in order to ultimately compensate victims.”

Ensuring Editorial Integrity

Editorial Process

Our editorial process is committed to providing thoroughly researched, accurate, and unbiased content. We adhere to stringent sourcing standards, with each page undergoing meticulous review by top technology experts and seasoned editors. This rigorous process guarantees the integrity, relevance, and value of our content for our readers.

Photo of Emma Horvath Emma Horvath Send an email May 24, 2025
0 64 2 minutes read
Photo of Emma Horvath

Emma Horvath

After graduating Communication and Media Studies MA in Eötvös Loránd University, Emma started to realize that her childhood dream as a creative news reporter committed to find dynamic journalism stories. I'm a passionate journalist with a keen interest in the fast-evolving world of cryptocurrencies. I've been reporting on the latest developments in the crypto industry for several years now, covering breaking news and providing insights on how the market is trending. I'm adept at analyzing daily market movements, researching ICOs, and keeping track of the latest innovations in blockchain technology. My expertise in the space makes her a trusted voice in the crypto community. Whether it's the latest Bitcoin price movements or the launch of a new DeFi platform, I am always at the forefront, bringing her readers the most up-to-date and informative news.

Related Articles

BlockDAG Leads with New 5-Level Bonus System Amid Solana’s Slump & Stellar’s Surge—Signs of Imminent Major Listings?

December 2, 2024

BlockDAG Locks in 5 CEX Listings Ahead of GO LIVE Reveal – $0.0020 Entry Ends June 13

May 15, 2025

BlockDAG Offers 5-Tier Rewards for Buyers—A Look at Litecoin Forecasts & Ethereum’s Market Dynamics

December 2, 2024

Unlock Major Gains with 5 Top Crypto Coins for 2025—Here’s Why BlockDAG, TRX, AVAX, LINK & XLM Have Made the Cut!

January 11, 2025

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button