Google disrupts massive botnet used by hackers to mine crypto using Bitcoin blockchain

Google disrupted the malicious operations of the Glupteba botnet which has been used by hackers to steal account information.
The firm filed a lawsuit against two Russian nationals that it believes helped run the malware for the past few years.
The disruption may only be temporary as Glupteba utilizes a blockchain system that could allow hackers to remain in control over infected hosts.

Google has disrupted Glupteba, a botnet that has spread malware to roughly a million Windows devices using the Bitcoin blockchain. The American multinational technology company stated that the perpetrators used the botnet to mine cryptocurrencies on victims’ computers.

Glupteba could resume operations shortly

In a civil complaint filed on December 7 against two Russian nationals Dmitry Staroviko, Alexander Filippov, as well as 15 unknown individuals, Google revealed that Glupteba has infected more than one million machines worldwide. The botnet has been tracked by law enforcement and computer security experts for years.

Google alleged that the defendants used the botnet to steal victims’ account information to sell to third parties and mine cryptocurrencies on victims’ computers. The perpetrators used blockchain technology to protect themselves and bypass traditional tools that could disrupt malicious activities. According to Google executives, Bitcoin’s decentralization made it “much harder to shut down.”

The firm also reached out to internet infrastructure companies to take down services used by the hackers to control the network. Google’s services were used by the perpetrators to distribute the malware. As a result, the company took down approximately 63 million Google Docs, over 1,000 Google accounts and more than 900 Google Cloud projects that were used to spread Glupteba.

Google general counsel Halimah Delaine Prado and vice president of engineering Royal Hansen explained that the company does not only plug security holes, the firm is working to eliminate entire classes of threats for consumers and businesses that depend on the internet.

However, Google warned that Glupteba could continue to operate again due to the fact that the hackers have incorporated a fail-safe mechanism that uses the Bitcoin blockchain to issue commands.

If the communication between the hackers and the botnet is cut off, the network will automatically search for messages posted by hackers for directions telling it how to reconnect through publicly accessible Bitcoin transactions.

According to blockchain analysis firm Chainalysis, this is the “first known case of a botnet using this approach.”

Share: Cryptos feed

Note: All information on this page is subject to change. The use of this website constitutes acceptance of our user agreement. Please read our privacy policy and legal disclaimer. Opinions expressed at FXstreet.com are those of the individual authors and do not necessarily represent the opinion of FXstreet.com or its management. Risk Disclosure: Trading foreign exchange on margin carries a high level of risk, and may not be suitable for all investors. The high degree of leverage can work against you as well as for you. Before deciding to invest in foreign exchange you should carefully consider your investment objectives, level of experience, and risk appetite. The possibility exists that you could sustain a loss of some or all of your initial investment and therefore you should not invest money that you cannot afford to lose. You should be aware of all the risks associated with foreign exchange trading, and seek advice from an independent financial advisor if you have any doubts.

Join Telegram