“Google Takes Down CryptBot: Over 670K Computers Infected”

Cybersecurity policy | Latest Cyber News

Reading Time: ( Word Count: )

0 Comment(s)
April 27, 2023
Nextdoorsec-course

On Wednesday, Google announced that it had obtained a temporary court order in the US to disrupt the malware distribution named CryptBot. The spyware collects private information from Google Chrome users, including login information for social networking accounts, digital currency accounts, and authentication details. 

More than 670k PCs were attacked by CryptBot in 2022, and the captured data was traded to different hackers for use in hacking activities. By court order, Google plans to remove all active and prospective sites connected to the dissemination of CryptBot.

Mike Trinh and Pierre-Marc Bureau from Google stated that the tech giant is taking action to punish individuals who gain from the spread of ransomware and its illicit owners responsible. CryptBot, initially identified in December 2019, spreads by deliberately altered versions of well-known software programs like Google Earth Pro and Google Chrome that are stored on bogus websites.

Also Read: “Chinese Hackers Expand Targets with PingPull Linux Variant: Financial and Government Entities at Risk”

The infection has been spread through hacked thief websites that provide “cracked” editions of several programs and video games.

In December 2021, Red Canary discovered a CryptBot campaign that used KMSPico, an unofficial tool to activate Microsoft Office and Windows without a license key, as a delivery vector. BlackBerry also updated and released the harmful info stealer in March 2022 via hacked piracy websites. Google believes that the leading CryptBot dealers are conducting a global criminal organization out of Pakistan.

Users are encouraged to only download applications from trustworthy websites, carefully read feedback, and ensure that both the software and the OS on their device are updated to minimize the dangers of such attacks. The disclosure from Google comes after Microsoft, Fortra, and Health-ISAC legally dismantled servers hosting illegal copies of Cobalt Strike to prevent the tool’s abuse by threat actors. In December 2021, Google replaced the order-and-control system linked to the Glupteba botnet. However, the virus returned six months later with an “upscaled” assault. 

Saher

Saher

Author

Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Top AI Cybersecurity Companies to Consider in 2023

Top AI Cybersecurity Companies to Consider in 2023

Cyber Security
Artificial intelligence (AI) has appeared as a powerful tool in cybersecurity. As the rate and sophistication of ...
60 Chat GPT Prompts for Cyber Security by Experts

60 Chat GPT Prompts for Cyber Security by Experts

Cyber Security
Chat GPT, powered by advanced natural language processing and artificial intelligence techniques, has emerged as a ...
Penetration Testing vs. Security Testing: Unraveling the Differences

Penetration Testing vs. Security Testing: Unraveling the Differences

Cyber Security
In today's increasingly interconnected world, ensuring the security of digital systems and networks is paramount. ...
Internal vs. External Penetration Testing: Making the Right Choice

Internal vs. External Penetration Testing: Making the Right Choice

Cyber Security
Penetration testing, often called pen testing, is crucial to ensuring the security and resilience of computer ...
0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *