FBI Takes Down $24 Million Crypto Cache from Russian Malware Mastermind



The US Department of Justice (DOJ) has filed a civil forfeiture complaint to seize over $24 million in cryptocurrency assets tied to Rustam Rafailevich Gallyamov, a Russian national accused of leading the development and distribution of the Qakbot malware.

According to a press release issued on May 22, the DOJ alleges Gallyamov played a central role in deploying Qakbot as part of a broader cybercrime operation that infected computers globally and enabled ransomware attacks.

From Malware Deployment to Global Ransomware Attacks

Federal prosecutors claim that Gallyamov, who resides in Moscow, operated the botnet infrastructure behind Qakbot, a sophisticated piece of malware first deployed in 2008. The malware was used to compromise computers and then provide access to co-conspirators, who executed ransomware campaigns using variants such as REvil, Conti, Black Basta, and Cactus.

In return, Gallyamov reportedly received a share of the ransom proceeds. The DOJ emphasized that this seizure reflects a continued international effort involving law enforcement agencies from the US, Europe, and Canada to disrupt cybercriminal networks.

According to the DOJ’s indictment, Gallyamov’s cyber operations intensified from 2019 onwards, as Qakbot was used to infiltrate hundreds of systems and build an expansive botnet. Once compromised, these systems were handed off to ransomware operators.

In August 2023, a US-led multinational task force successfully disrupted the Qakbot network and seized various crypto assets tied to the scheme, including 170 BTC and tens of millions in stablecoins such as USDT and USDC. Despite that takedown, the DOJ alleges that Gallyamov and his associates continued targeting victims using other methods.

The latest DOJ complaint details how the accused shifted tactics following the 2023 disruption, including the use of “spam bomb” techniques that tricked employees into opening access to internal systems. Prosecutors assert that this newer approach allowed ransomware deployment to continue well into 2025.

These attacks reportedly included the use of Black Basta and Cactus ransomware to target victims in the United States. As part of the ongoing investigation, the FBI executed another seizure on April 25, 2025, retrieving over 30 BTC and more than $700,000 in stablecoins.

DOJ’s International Coordination and Recovery Efforts

The DOJ’s civil forfeiture complaint aims to formalize the seizure of over $24 million in illicit crypto proceeds, with the intent of returning these funds to victims. This effort underscores a coordinated global campaign involving the FBI’s Los Angeles and Milwaukee field offices, Europol, and cybersecurity divisions from France, Germany, the Netherlands, and other countries.

The DOJ credited this collaboration for enabling swift identification and disruption of Gallyamov’s operations. Assistant US Attorneys from the Central District of California and officials from the DOJ’s Computer Crime and Intellectual Property Section are leading the prosecution.

In public remarks, DOJ and FBI officials reiterated their commitment to dismantling global cybercrime infrastructure and using all available legal tools, including indictments, forfeiture actions, and international law enforcement cooperation, to hold perpetrators accountable and compensate victims. US Attorney Bill Essayli for the Central District of California said:

The forfeiture action against more than $24 million in digital assets also demonstrates the Justice Department’s dedication to seizing ill-gotten assets from criminals with a view to finally compensate victims.
