Thu. Jan 20th, 2022

In a lawsuit filed Tuesday in the United States District Court for the Southern District of New York, Google names two defendants, Dmitri Starovikov and Alexander Filippov, as well as 15 unnamed individuals.

Alphabet Inc.'s Google is suing two Russian citizens it claims are part of a criminal enterprise that has silently infiltrated more than a million computers and devices around the world, creating a modern technological and borderless incarnation of organized crime.

In a lawsuit unveiled Tuesday in the U.S. District Court for the Southern District of New York, Google names two defendants, Dmitry Starovikov and Alexander Filippov, as well as 15 unnamed individuals. Google alleges that the defendants created a “botnet” known as Glupteba to be used for illegal purposes, including the theft and unauthorized use of Google users’ login and account information.

A botnet is a network of Internet-connected devices that are infected with malware. When marshalled together, they can do the bidding of a hacker, often without the devices' owners realizing that their machines have been hijacked. A swarm of devices can bump traffic to websites, use malware to steal credentials, sell fraudulent credit cards online, and grant unauthorized access to other cybercriminals.

The Glupteba botnet stands out from others because of its “technical sophistication”, including its use of blockchain technology to protect itself from disruption, Google said in the complaint. At any time, the power of the Glupteba botnet could be used in a ransomware attack or distributed denial-of-service attack, Google said.

Chainalysis Inc., a blockchain forensic analysis firm, said its products and services were used to investigate the botnet.

When one of Glupteba’s command-and-control servers, which hackers use to manage compromised networks, is shut down, the botnet can scan the blockchain to find a new command-and-control server domain address, according to a Chainalysis statement.

“These tactics make the Glupteba botnet extremely difficult to disrupt by conventional cyber security techniques,” which are focused on disabling command-and-control server domains, according to Chainalysis. “This is the first known case of a botnet using this approach.”

It’s also the first time Google has gone after a botnet, a spokesman for the Mountain View, California-based company said in an email. “We are taking this action to further protect Internet users and to send a message to cybercriminals that we will not tolerate these types of activities.”

The spokesman said the company was working with the U.S. Department of Justice on the investigation. The justice department declined to comment. Starovikov and Filippov could not be immediately reached for comment.

The technology giant brought the action to court to “create a legal liability for the cybercriminals,” the spokesman said, and to “reveal their identities and the infrastructure they use.”

Google said Starovikov and Filippov were connected to Glupteba by the servers used to set up their Gmail addresses.

“Glupteba is notorious for stealing users’ credentials and data, exploiting cryptocurrencies on infected hosts, and setting up proxies to funnel other people’s Internet traffic through infected machines and routers,” said Google General Counsel Halimah DeLaine Prado and Google Vice President of Engineering Royal Hansen in a blog post.

In June 2020, the security firm Sophos published a report on the Glupteba malware, noting that it “was able to continuously thwart attempts to remove it from an infected machine,” researcher Luca Nagy wrote at the time. “Glupteba also follows a variety of approaches to lying low and avoiding being noticed.”

Google has said it is taking action under the Racketeer Influenced and Corrupt Organizations Act, known as RICO, as well as the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act and others, to disrupt the botnet, prevent further harm, and recover damages.

Some of the most notorious cybercrime gangs have ties to Russia, which is accused of providing them with safe haven. The Kremlin has repeatedly denied responsibility for any hacking attacks.


By admin
