Google said on Tuesday it had decided to shut down a network of around a million hijacked electronic devices used around the world to commit online crimes, while suing Russia-based hackers the tech giant claimed was responsible. .
The so-called botnet of infected devices, which has also been used to surreptitiously mine Bitcoin, has been cut off at least for now from people who use it on the internet.
“Glupteba operators are likely to attempt to regain control of the botnet using a back-up command and control mechanism,” wrote Shane Huntley and Luca Nagy of Google’s threat analysis group.
Big tech companies like Google and Microsoft are increasingly drawn into the battle against cybercrime, which is waged through their products, giving them unique understanding and access to threats.
Google said the network includes around one million devices using Windows around the world for crimes that include the theft of user credentials, and has targeted victims in the United States, India, Brazil and South East Asia.
The company also filed a lawsuit in New York federal court against Dmitry Starovikov and Alexander Filippov, seeking an injunction to stop them from committing wrongdoing on its platforms.
Cyber ââsecurity experts first noticed Glupteba in 2011, which is spread masquerading as free and downloadable software, videos or movies that people unwittingly download to their devices.
However, unlike conventional botnets that rely on predetermined channels for survival, Glupteba is programmed to find a replacement server in order to continue functioning even after being attacked, according to the Google lawsuit.
Because the web botnet combines the power of around a million devices, it has unusual power that could be used for large-scale ransomware or other attacks.
To maintain this network, the organization “uses Google ads to post job offers for websites” doing illegal work.
Hackers also used Google’s own services to distribute the malware – the internet giant deleted some 63 million Google documents and closed more than 1,100 Google accounts used to distribute Glupteba.
Botnets can “recover from disruptions faster, making them even more difficult to shut down. We are working closely with industry and government as we combat this type of behavior,” Google said in a statement. blog post.