FBI Strikes Hard: Seizes $24M in Crypto, 30 Bitcoins in Massive Russian Ransomware Bust
“Operation Endgame” dismantles the global malware infrastructure used in ransomware attacks, disrupting the operations of Qakbot and DanaBot malware.
In a global cybercrime crackdown, the FBI and international partners successfully dismantled a vast ransomware scheme run by Russian national Rustam Rafailevich Gallyamov. Operation Endgame resulted in the freezing of more than $24 million in cryptocurrency, including 30 Bitcoins and $700,000 in fiat, and disabling malware networks employed to manage an estimated 700,000 hacked computers around the world.
FBI Leads Operation Endgame to Disrupt Global Cyber Threats
The operation, which was carried out between May 19 and 22, aimed at the infrastructure supporting Qakbot and DanaBot malware—two of the most lethal malware threats in recent history. Law enforcement agencies from the United States, Germany, France, the Netherlands, the UK, and others assisted Europol and Eurojust, seizing 300 servers and more than 650 domains used in global cyberattacks.
Qakbot, originally found in 2008, evolved from a bank Trojan into a full-fledged malware platform for delivering ransomware and exfiltrating sensitive data. Despite a 2023 takedown, Gallyamov stands accused of persisting through to the early part of 2025, leveraging the malware to target government agencies, hospitals, universities, and private companies.
Rustam Gallyamov Indicted in Significant Ransomware Conspiracy
Gallyamov, as per the U.S. Department of Justice, was indicted for conspiracy to commit wire fraud, bank fraud, and money laundering. The indictment shows how Gallyamov’s crew used the Qakbot botnet to spread ransomware, steal login credentials, and shake down victims for money. He allegedly oversaw and operated a vast cybercrime infrastructure that produced millions in illegal profit.
“These hackers thought that they could act anonymously behind keyboards half a world away,” declared FBI Director Christopher Wray. “Operation Endgame demonstrates we can track them down, take down their infrastructure, and hold them accountable.”
$24M Seized: Crypto, Cash, and Cyber Justice
As part of the raid, authorities arrested digital assets in several wallets associated with ransomware payments. The 30 Bitcoins taken, valued at some $2 million, and other holdings in USDT and Ethereum, will be used to offer restitution to victims where feasible.
The FBI showed that the botnet consisted of 700,000 devices, some of which were utilized to spread ransomware in various nations. The financial trail left behind from the attacks was followed by investigators with the aid of blockchain analytics, who eventually discovered the key operators and wallet addresses.
DanaBot and Other Malware Networks Targeted
Operation Endgame also targeted other ongoing malware operations, including DanaBot, a Trojan that infected over 300,000 computers and resulted in estimated losses of $50 million worldwide. Sixteen individuals linked to DanaBot operations were also indicted, revealing the operation’s extensive international scope.
Cybersecurity experts say this marks a new era of cross-border enforcement against ransomware gangs. “We’re seeing an evolution in law enforcement strategy,” said cybersecurity analyst Jake Williams, founder of Rendition Infosec. “Instead of focusing on just taking down one botnet, they’re disrupting the infrastructure used by multiple malware families.”
What This Means for Cybersecurity Worldwide
As ransomware losses are estimated to hit more than $30 billion worldwide in 2025, unified efforts such as Endgame are regarded as a significant leap against cybercrime. The success of the FBI here clearly sends an open message to global hackers: their activities are not imperceptible.
Experts warn, however, that new malware strains may soon appear as cybercrooks rebound. The victory is sweet but the battle against ransomware goes on.
Follow us for more News valleynewz.com