Security News > 2023 > April > Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "Decelerate" its growth.

CryptBot is estimated to have infected over 670,000 computers in 2022 with the goal of stealing sensitive data such as authentication credentials, social media account logins, and cryptocurrency wallets from users of Google Chrome.

The malware has been traditionally delivered via maliciously modified versions of legitimate and popular software packages such as Google Earth Pro and Google Chrome that are hosted on fake websites.

What's more, a CryptBot campaign unearthed by Red Canary in December 2021 entailed the use of KMSPico, an unofficial tool that's used to illegally activate Microsoft Office and Windows without a license key, as a delivery vector.

The major distributors of CryptBot, per Google, are suspected to be operating a "Worldwide criminal enterprise" based out of Pakistan.

Google said it intends to use the court order, granted by a federal judge in the Southern District of New York, to "Take down current and future domains that are tied to the distribution of CryptBot," thereby kneecapping the spread of new infections.

News URL

https://thehackernews.com/2023/04/google-gets-court-order-to-take-down.html