Google disrupts cybercrime Web infecting 1 million devices
WASHINGTON – Google said it has moved to shut down a network of about one million highjacked electronic devices used worldwide to commit online crimes, while also suing Russia-based hackers whom the tech giant said were responsible.
The so-called botnet of infected devices, which was also used to surreptitiously mine bitcoin, was cut off at least for now from the people wielding it on the internet.
“The operators of Glupteba are likely to attempt to regain control of the botnet using a backup command and control mechanism,” wrote Mr Shane Huntley and Ms Luca Nagy from Google’s threat analysis group on Tuesday (Dec 7).
Large technology companies such as Google and Microsoft are increasingly pulled into the battle against cybercrime, which is conducted via their products thus giving them unique understanding of and access to the threats.
Google said the network includes about one million Windows-using devices worldwide for crimes that include stealing users’ credentials, and has targeted victims from the United States, India, Brazil and South-east Asia.
The company also filed a lawsuit in a New York federal court against Mr Dmitry Starovikov and Mr Alexander Filippov seeking an injunction to block them from wrongdoing on its platforms.
Cybersecurity experts first noticed Glupteba in 2011, which spreads by masquerading as free, downloadable software, videos or movies that people unwittingly download on to their devices.
However, unlike conventional botnets that rely on predetermined channels to ensure their survival, Glupteba is programmed to find a replacement server in order to keep operating even after being attacked, said Google’s lawsuit.
As the botnet web combines the power of some one million devices, it possesses unusual power that could be used for large-scale ransomware or other attacks.
To maintain that network, the organisation “uses Google advertisements to post job openings for the websites” carrying out the illegal work.
The hackers also used Google’s own services to distribute the malware – the internet giant took down some 63 million Google Docs and terminated more than 1,100 Google accounts used to spread Glupteba.
The botnets can “recover more quickly from disruptions, making them that much harder to shutdown,” Google said in a blog post. “We are working closely with industry and government as we combat this type of behaviour.”