Alleged leader of Qakbot malware scheme, Gallyamov, indicted for developing and deploying the malware since 2008.
Gallyamov reportedly allowed ransomware operators to use compromised systems to deploy strains like REvil, Conti, Egregor, and Black Basta in exchange for a cut of the ransom payments.
FBI seized over 30 bitcoin and $700,000 in USDT linked to Gallyamov on April 25, bringing the total value of seized crypto to over $24 million.
Despite a multinational takedown of Qakbot infrastructure in 2023, Gallyamov and his associates continued operations with new tactics like 'spam bomb' phishing attacks, targeting U.S. firms as recent as January 2025.