A notorious cybercriminal group is still active and attempting to conduct ransomware attacks despite an FBI attempt to sabotage the group's operations in August.
In a far-flung effort to rebuilt their vast network of infected computers that they use for fraud and ransomware attacks, Cisco Talos, Cisco's cyber intelligence unit, said in a blog post.
It was not clear how well the hacking tactics were successful. The news highlights the resilience of multimillion-dollar cybercriminal gangs, often in Eastern Europe and Russia, that can rebuild computer networks infiltrated by Western law enforcement.
The new study comes days after the FBI and European law enforcement agencies announced an operation to 'dismantle' the main computer infrastructure used by the hackers. The hackers were known for coding code called Qakbot that Russian-speaking health care companies and government agencies had used in attacks on health care companies and government agencies worldwide.
In August, the law enforcement sting in August cut off communication between the hackers' main computer server and some of the hundreds of thousands of infected computers they use for cyberattacks. A separate set of infrastructure used by the hackers to send phishing emails aimed at infected victims appears to have been untouched by the FBI takedown, Talos said.
The FBI declined to comment on the new research. The investigation into Qakbot is ongoing, said a senior FBI official. The FBI has also acknowledged the durability of cybercriminal networks and said the agency intends to wear them down through repeated raids on their infrastructure.
The Qakbot operatives are far away from the only cybercriminal network to reemerge following a high-profile FBI takedown.
More than two years after the FBI and its European allies announced that they had taken down the group's computer systems, CNN reported last month. Emotet, a hacking tool that is associated with the group, has stalked the internet for nearly a decade.
Emotet has cost victims hundreds of millions in losses, as well as Qakbot, according to law enforcement officials.