Security News > 2021 > December > Google Takes Down Glupteba Botnet; Files Lawsuit Against Operators

In tandem, Google also filed a lawsuit against the botnet's operators.

"And at any moment, the power of the Glupteba botnet could be leveraged for use in a powerful ransomware or distributed denial-of-service attack," Google noted in its lawsuit, shared with Threatpost on Tuesday.

"While analyzing Glupteba binaries, our team identified a few containing a git repository URL: git.voltronwork[dot] com, researchers explained."This finding sparked an investigation that led us to identify, with high confidence, multiple online services offered by the individuals operating the Glupteba botnet.

The operation included terminating 63 million Google Docs used to distribute Glupteba, 1,313 Google accounts, 908 cloud projects and 870 Google Ads accounts; and, working with CloudFlare and others, taking down servers and placing warning interstitial pages in front of malicious domains.

Elaborating in a separate post, TAG researchers added that "the operators of Glupteba are likely to attempt to regain control of the botnet using a backup command-and-control mechanism that uses data encoded on the Bitcoin blockchain.

As an extra layer of disruption, Google also filed a lawsuit in the Southern District of New York against Russian nationals Dmitry Starovikov and Alexander Filippov.

News URL

https://threatpost.com/google-glupteba-botnet-lawsuit/176826/