Google has begun taking steps to shut down a sophisticated botnet which uses blockchain technology to protect itself and is being used to target Windows devices.
For those unfamiliar, a botnet is a network of devices connected to the internet that have been infected with malware that places them under the control of cybercriminals and other bad actors. These infected devices are then used for malicious purposes such as stealing your sensitive information or committing fraud.
Following a thorough investigation, Google’s Threat Analysis Group determined that the botnet in question, Glupteba, has already infected one million Windows devices worldwide and is capable of growing at a rate of thousands of new devices per day.
Glupteba is known for stealing users’ credentials and data, mining cryptocurrencies on infected hosts and setting up proxies to funnel other people’s internet traffic through infected machines and routers.
Taking action against Glupteba
According to a new blog post from Google, the company is currently working with its industry partners like Cloudflare to take technical action against Glupteba and the bad actors behind this increasingly dangerous botnet.
So far, the search giant has disrupted key command and control infrastructure, which means that Glupteba’s operators no longer have control of their botnet for now. However, as this botnet has a sophisticated architecture and its operators have taken steps to maintain it, scale its operations and conduct widespread criminal activity, Google has also decided to take legal action.
The company filed litigation against the operators of Glupteba, which it believes are based in Russia, in the Southern District of New York for computer fraud and abuse, trademark infringement and other claims. Google has also filed a temporary restraining order to bolster its technical disruption efforts.
Still, stopping Glupteba completely may prove difficult, as the decentralized nature of blockchain allows the botnet to recover more quickly from disruptions, which makes it much harder to shut down.