- Gallyamov leads ongoing Qakbot cyber operations.
- $24M in crypto assets seized.
- Operation part of larger international law enforcement effort.
Russiam developer Rustam Rafailevich Gallyamov was indicted for leading the Qakbot malware operation. On April 25, 2025, U.S. authorities seized $4 million in cryptocurrency.
The Qakbot Malware
The Qakbot malware, attributed to Rustam Rafailevich Gallyamov, infected over 700,000 computers globally. Despite a significant operation against the botnet in 2023, recent efforts included a $4 million cryptocurrency seizure.
Rustam Gallyamov
Rustam Gallyamov, based in Moscow, continued cyber activities after previous operations. The Department of Justice‘s latest actions seek to dismantle the financial infrastructure supporting his operations. “Operation Duck Hunt was the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada, U.S. Attorney, Department of Justice.
The Financial Impact
The financial impact extends beyond seized assets, affecting businesses and agencies previously targeted. Authorities also aim to reduce future risks by disrupting Gallyamov’s network.
Legal and Enforcement Actions
Authorities seek to cripple financial networks tied to Gallyamov’s operations, setting a precedent for future seizures. The focus remains on arresting those hiding behind cryptocurrency for illicit activities.
Notable Enforcement Milestone
Seizure of these funds marks a notable enforcement milestone. Authorities aim to neutralize financial resources aiding cybercrime in traditionally untouchable jurisdictions.
The DOJ’s Commitment
The case underscores the DOJ’s commitment to fighting cybercrime financed by cryptocurrency. Data suggest such efforts could evolve further as law enforcement adapts to digital threats.
