Google takes down Glupteba botnet

Google’s Threat Analysis Group (TAG) reported that it has interrupted the functioning of Glupteba, a sophisticated botnet. As a resiliency mechanism, the virus infected over one million Windows systems globally and placed its command-and-control server addresses on Bitcoin’s blockchain.

Over the past year, TAG collaborated with the CyberCrime Investigation Group to terminate approximately 63 million Google Docs that were found to have distributed malware. The organization also collaborated with internet infrastructure and hosting companies, such as Cloudflare, to demolish the virus by shutting down servers and putting interstitial warning pages in front of dangerous domains.

Google also filed a case against two Russians, Dmitry Starovikov and Alexander Filippov, who are accused of co-managing the botnet with 15 other unnamed defendants, calling the operation a “modern technological and borderless incarnation of organized crime.”

Glupteba has been observed stealing user passwords and cookies, mining cryptocurrency on compromised hosts, and deploying and operating proxy components targeting Windows computers and IoT devices. The botnet has been seen targeting victims in countries such as the United States, India, Brazil, and Southeast Asia.

The sources for this piece include an article in TheHackerNews.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web