The U.S. Department of Justice has indicted a Russian national, Rustam Gallyamov, for leading a major global cybercrime ring behind the infamous Qakbot malware. The authorities seized over $24 million in crypto tied to the operation, which is planned to be returned to the victims.
The indictment on May 22, 2025, is a significant step by the U.S. authorities in their fight against ransomware attacks. This is part of a broader law enforcement campaign (like Operation Endgame) to target cybercriminals who have been using malware like Qakbot to infect systems worldwide, demand ransoms, and steal data and funds.
The victims included a wide range of businesses, from small dental clinics in Los Angeles to tech companies in Nebraska, manufacturers in Wisconsin, and even real estate firms in Canada.
“The charges announced today exemplify the FBI’s commitment to relentlessly hold accountable individuals who target Americans and demand ransom, even when they live halfway across the world,” said Akil Davis, Assistant Director in Charge of the FBI’s Los Angeles Field Office.
These moves are part of a global crackdown on cybercrime, with the U.S., France, Germany, the Netherlands, Denmark, the U.K., and Canada working together to fight cybercrime, the statement read.
Gallymov is accused of running the Qakbot malware operation since 2008, infecting over 700,000 computers worldwide and enabling major ransomware attacks like Conti, Black Basta, and REvil. Gallyamov was paid a portion of the ransoms that were received from victims.
In August 2023, a U.S.-led international operation took down the Qakbot botnet, where the authorities seized over 170 Bitcoins and more than $4 million in USDT and USDC from Gallyamov.
Even after this, he kept his cybercrime activity going by switching to new tactics like “spam bomb” attacks. He kept attacking systems as recently as January 2025 by flooding victims with emails, tricking employees into giving hackers access.
As a result, under the “Operation Endgame”, the FBI seized another 30 Bitcoins and $700,000 in USDT from Gallyamov. The DOJ also filed a civil forfeiture case to permanently claim the $24+ million in total seized crypto, with plans to return the funds to the victims. If convicted, he would face a statutory maximum sentence of 25 years in federal prison.
This is just the latest move in the US’ big crackdown on Cybercrime. In December 2024, they charged Rostislav Panev, a Russian-Israeli hacker linked to LockBit ransomware, for creating malware that helped criminals hack networks and demand ransoms, with over $230,000 in crypto tied to him.
In May 2025, 12 mostly young people were charged with running a $263 million crypto racketeering scheme. They used the stolen money to buy luxury jets and cars.
Federal authorities are also going after Roman Storm, the creator of Tornado Cash, who is accused of laundering billions in illegal crypto.
Rustam Gallyamov is accused of running the Qakbot malware ring, infecting 700K+ devices and enabling ransomware attacks since 2008.
Operation Endgame is a global law enforcement effort, including the U.S. and allies, to disrupt major cybercrime operations like Qakbot.
The U.S. Treasury and G7 nations are focusing on strengthening crypto regulations and cybersecurity to combat increasing crypto hacks and ransomware attacks.
Ethereum news indicates that ETH is back in the spotlight with its ETFs attracting more…
Circle announced plans to launch its native stablecoin, USDC, and the upgraded Cross-Chain Transfer Protocol…
XRP has long been one of the most discussed and debated cryptocurrencies within the marketplace.…
Sonic (formerly Fantom) is currently trading around $0.34, rebounding from recent lows after the airdrop-driven…
Congressman Thomas Massie has publicly urged for the Federal Reserve to be abolished. He argues…
Ozak AI is emerging as a notable Solana (SOL) alternative in the blockchain ecosystem, gaining…
