
Google has sued two Russians who used its services to help operate a botnet

Author: cnBeta

Google is suing two Russians over a sophisticated botnet that has quietly infiltrated more than 1 million Windows machines around the world. After a device is infected, the botnet steals users' credentials and data, secretly mines cryptocurrency, and sets up proxies to route other people's internet traffic through infected machines and routers.


In a complaint filed with the U.S. District Court for the Southern District of New York, Google claimed that Russian nationals Dmitry Starovikov and Alexander Filippov were the two main operators of the Glupteba botnet and listed Gmail and Google Workspace accounts they allegedly created to help them run their criminal enterprise.

Google alleges that the two defendants used the botnet (described as "the technological embodiment of modern, borderless organized crime") to steal and use the login and account information of Google users. It demanded damages from Starovikov and Filippov and that they be permanently banned from using Google services.

Google says it has been tracking the Glupteba botnet since 2020, and that so far it has infected about 1 million Windows machines worldwide and is growing at a rate of thousands of new devices every day. Devices are usually infected when users are tricked into downloading malware through third-party "free download" websites. Once a device is infected, the botnet steals the user's credentials and data, secretly mines cryptocurrency, and sets up proxies to route other people's internet traffic through the infected machines and routers.

Google added in its complaint: "At any time, the power of the Glupteba botnet could be used for powerful ransomware attacks or distributed denial-of-service attacks." In addition to the lawsuit over the Glupteba botnet, the company's Threat Analysis Group (TAG) has observed that the botnet targets victims in the United States, India, Brazil, Vietnam and Southeast Asia. Google announced that it had partnered with internet hosting providers to disrupt the botnet's critical command and control (C2) infrastructure. This means that its operators no longer control the botnet, although Google warns that it could make a comeback because Glupteba uses blockchain technology as a resilience mechanism.
