The FBI announced it has taken down Qakbot, a botnet network that enabled the attack on Prospect Medical Group, Bloomberg reported Aug. 29.
The FBI was able to redirect Qakbot botnet traffic and send a file to 700,000 infected computers across the globe that uninstalled the botnet. Qakbot has been used as a means of entry by Conti, Black Basta and ProLock, according to an Aug. 29 Department of Justice news release.
Culver City, Calif.-based Prospect Medical Holdings, a private equity-backed owner of 16 hospitals, was hit with ransomware that caused disruptions on Aug. 3.
The FBI seized $8.6 million in cryptocurrency profits from Qakbot. The network has gone by other names, such as Qbot and Pinkslipbot.
"The FBI led a worldwide joint, sequenced operation that crippled one of the longest-running cybercriminal botnets," FBI Director Christopher Wray said in the news release. "With our federal and international partners, we will continue to systematically target every part of cybercriminal organizations, their facilitators, and their money – including by disrupting and dismantling their ability to use illicit infrastructure to attack us."