Google disrupts Glupteba botnet that infected a million PCs
Google has banned the people behind the Glupteba botnet, which infected the computers of approximately one million Windows users. Google also closed the documents, accounts, cloud projects and Google Ads accounts that were used to spread it.
Google spent a year investigating the botnet, the company writes in a blog post. That investigation led to two individuals in Russia who ran the botnet. The Glupteba botnet infected approximately one million Windows computers worldwide and was used to steal credentials and mine cryptocurrencies on infected computers.
Together with Cloudflare, among others, Google managed to disrupt the botnet's command-and-control infrastructure by taking servers offline and placing a kind of pop-up in front of malicious domain names, which would prevent the people behind the botnet from accessing their botnet. The search giant also took down 130 accounts that were directly involved in the spread of the botnet.
Google adds that this is a temporary measure. Because the botnet is so complicated and uses blockchain technology as a backup mechanism, it is difficult to shut it down completely. The botnet is decentralized. That is why Google has also filed a lawsuit against the two Russians behind the botnet.
Google’s Threat Analysis Group recently took down 63 million Google documents, 1183 Google accounts, 908 cloud projects and 870 Google Ads accounts involved in spreading the botnet. Google also warned 3.5 million users against downloading a malicious file.