Google files lawsuit against Russian botnet operators

The Glupteba botnet infected approximately one million Windows machines to steal data and mine cryptocurrencies

Google has launched legal action against a group of Russian hackers in what it claims is the world’s first lawsuit against a blockchain-enabled botnet.

Known as Glupteba, the botnet compromised approximately one million Windows devices globally, stealing victims’ personal data and using the infected machines to mine cryptocurrencies and funnel third-party internet traffic.

The sophisticated botnet was disrupted by Google, whose team managed to sever the hackers’ control over Glupteba by disrupting its key command and control (C2) infrastructure.

The tech giant also partnered with CloudFlare to take down servers belonging to Glupteba and place warning signs in front of the malicious domain names. 

However, Google said on Tuesday that the measures were temporary and that it expects the hackers to regain control over the botnet in the future.

Hence, the tech giant has also filed a lawsuit against Glupteba’s operators, including two Russian nationals known as Dmitry Starovikov and Alexander Filippov, as well as 15 unnamed accomplices who are all believed to be based in Russia.

The lawsuit was filed in the Southern District of New York and accuses the defendants of computer fraud and abuse, trademark infringement, wire fraud, identity fraud, and access device fraud. 

Google also filed a temporary restraining order against the hackers in an attempt to bolster its technical disruption effort.

Related Resource

How to secure workloads in hybrid clouds

Cloud workload protection

Whitepaper front coverFree download

In a joint blog post, Google’s Security VP Royal Hansen and general counsel Halimah DeLaine Prado said that the lawsuit is the first of its kind against a blockchain-enabled botnet.

“We think [the lawsuit] will set a precedent, create legal liability for the botnet operators, and help deter future activity,” they stated.

In the last year, Google had taken down 63 million Google Docs, 1,183 Google Accounts, 908 Cloud Projects, and 870 Google Ads accounts associated with Glupteba, with an additional 130 Google accounts “in the last few days”.

It also issued warnings to 3.5 million users before downloading a malicious file through Google Safe Browsing warnings.

The news comes just hours after Russia fined Google 9 million roubles (£94,400) as penalty for failing to delete content deemed illegal by the country’s government.

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Russia's "politically motivated" REvil raid could be used as leverage, experts warn
ransomware

Russia's "politically motivated" REvil raid could be used as leverage, experts warn

17 Jan 2022
Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp
phishing

Meta files lawsuit to uncover hackers targeting Facebook, WhatsApp

21 Dec 2021
Five things to consider before choosing an MFA solution
Security

Five things to consider before choosing an MFA solution

17 Dec 2021
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
cyber crime

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

16 Dec 2021

Most Popular

How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Dell XPS 15 (2021) review: The best just got better
Laptops

Dell XPS 15 (2021) review: The best just got better

14 Jan 2022
How to speed up Windows 11
Microsoft Windows

How to speed up Windows 11

7 Jan 2022