Google has taken action to disrupt a sophisticated botnet. Google reports this in a blog. The botnet, called Glupteba, targets Windows machines and protects itself through blockchain technology. Google is taking both technical and legal action.
A botnet is a compound term of the words ‘robot’ and ‘network’. It is a collection of devices infected with malware, often unbeknownst to the owners. Criminals can then use the devices for malicious purposes, such as stealing sensitive information or committing fraud.
The Glupteba botnet consists of approximately one million compromised Windows devices worldwide, according to research by Google. At times, the network is growing by as many as a thousand new devices per day.
Glupteba is notorious for stealing user login and personal information, mining cryptocurrencies and redirecting other people’s internet traffic through infected machines and routers.
Google has taken technical action against the botnet. The tech company disrupted key command and control infrastructure. As a result, those operating Glupteba no longer have control over their botnet for the time being. However, it is difficult to completely shut down the botnet as the operators have implemented a backup mechanism that uses the Bitcoin blockchain. Blockchain is a kind of database for storing transactions.
Partly due to the resilience of the botnet, Google has also decided to take legal action against the administrators. The company sued for computer fraud and misuse, trademark infringement and other claims. In addition, the tech company applied for a temporary restraining order.
Google investigated the network last year and concluded that two people in Russia are responsible for the botnet. The charges are against them.
The Glupteba botnet also used Google’s services to distribute the software. The tech giant subsequently shut down 63 million Google Docs found to be distributing Glupteba. Google also closed 1,183 Google Accounts, 908 cloud projects and 870 Google Ads linked to the botnet’s proliferation.
In addition, Google managed to warn about 3.5 million users before downloading a malicious file.
Last spring showed that it is difficult to combat botnets. Then Europol and German authorities took over the Emotet botnet, removing the eponymous malware from all infected computers. Last month, however, there were signs that the network is growing again. Researchers warn of new attacks via the botnet and fear large-scale spam, malware and ransomware campaign.
Catch up on more articles here
Follow us on Twitter here