Google Disrupts Blockchain-based Glupteba Botnet; Sues Russian Hackers
Google on Tuesday said it took steps to disrupt the operations of a sophisticated "multi-component" botnet called Glupteba, which is estimated to have infected more than one million Windows computers across the globe and which stored its command-and-control server addresses on Bitcoin's blockchain as a resilience mechanism.
As part of the efforts, Google's Threat Analysis Group said it partnered with the CyberCrime Investigation Group over the past year to terminate around 63 million Google Docs that were observed to have distributed the malware, alongside 1,183 Google Accounts, 908 Cloud Projects, and 870 Google Ads accounts that were associated with its distribution.
Google TAG said it worked with internet infrastructure providers and hosting providers, such as Cloudflare, to dismantle the malware by taking down servers and placing interstitial warning pages in front of the malicious domains.
Vending credit cards to facilitate fraudulent purchases from Google Ads and other Google services.
"Dont.farm's customers pay the Glupteba Enterprise in exchange for the ability to access a browser that is already logged into a victim's stolen Google account," the company alleged.
"Unfortunately, Glupteba's use of blockchain technology as a resiliency mechanism is notable here and is becoming a more common practice among cyber crime organizations," Google's Royal Hansen and Halimah DeLaine Prado said.
News URL
https://thehackernews.com/2021/12/google-disrupts-blockchain-based.html