Google is suing two Russians, claiming that they operated a complex botnet to launch multiple attacks. The network has quietly penetrated more than 1 million Windows machines around the world. Once a device is infected, the botnet steals the user's credentials and data, secretly mines cryptocurrency, and sets up a proxy to route other people's Internet traffic through the infected machine and router.
In a complaint filed with the U.S. District Court for the Southern District of New York, Google claimed that Russian nationals Dmitry Starovikov and Alexander Filippov were two main operators of the Glupteba botnet, and cited the Gmail and Google Workspace accounts they allegedly created to help them run their criminal business.
Google alleges that the two defendants used the botnet (described as a "technical embodiment of modern, borderless organized crime") for activities including the theft and unauthorized use of the login and account information of Google users. It is asking that Starovikov and Filippov pay compensation and be permanently banned from using Google services.
Google said that it has been tracking the Glupteba botnet since 2020. So far, it has infected about 1 million Windows machines worldwide, and it is growing at a rate of thousands of new devices every day. Devices are usually infected by tricking users into downloading malware through third-party "free download" sites. Once a device is infected, the botnet steals the user's credentials and data, secretly mines cryptocurrency, and sets up a proxy to route other people's Internet traffic through the infected machine and router.
Google added in its complaint: "At any time, the power of the Glupteba botnet may be used for powerful ransomware attacks or distributed denial of service attacks." Alongside the litigation over the Glupteba botnet, the company's Threat Analysis Group (TAG) has observed that the botnet is targeting victims in the United States, India, Brazil, Vietnam, and Southeast Asia. Google announced that it has partnered with Internet hosting service providers to disrupt the botnet's critical command and control (C2) infrastructure. This means that its operators no longer control the botnet, although Google warns that because Glupteba uses blockchain technology as a resilience mechanism, it may make a comeback.