Google has revealed that it recently blocked the activity of a major botnet.

Called Glupteba, it is one of the largest known botnets in the world.

Active since 2011, it reportedly controls nearly a million devices, with up to a thousand more added to the network each day.

The botnet is used to secretly mine cryptocurrency, steal credentials or even deploy proxies for other cybercriminals.

To infect its victims, the malware poses as free downloadable software, videos or films in order to encourage Internet users to install it on their devices.

63 million documents deleted

Ironically, hackers used Google's services to post offers for their malware on various websites.

They also used Google services to distribute malware.

Google says it removed around 63 million documents from Google Docs this year, canceled 1,100 email accounts used to distribute Glupteba and deleted 900 Google Cloud projects as well as 800 Google Ads accounts.

To disable the malware, Google has teamed up with outside partners like Cloudflare to decommission servers owned by the cybercriminals.

They also placed warning messages in front of malicious domain names.

Google believes that these actions have destabilized the botnet.

This victory was short-lived, however.

A botnet that is difficult to block

Unlike conventional botnets, Google explains that Glupteba relies on a blockchain-based fallback mechanism to ensure its survival.

If its control servers go down, Glupteba is programmed to find replacement servers, and would be able to resume operating shortly after being taken out of service.

"Glupteba operators may already be trying to regain control of the malicious network using monitoring and back-up mechanisms," said Shane Huntley and Luca Nagy, online threats and cybersecurity analysts at Google.

Finally, in an attempt to tackle the problem at a deeper level, Google has also announced that it has filed a complaint against 17 individuals suspected of being involved in the organization behind this malware.
