Google is taking legal action against the operators of Cryptbot, an information-stealing program capable of stealing sensitive data from users of its Chrome browser.
It hopes the move will curb the efforts of threat actors who allegedly attacked hundreds of thousands of people alone last year.
Google has filed a lawsuit against Cryptbot’s infrastructure and distribution network and obtained a temporary restraining order allowing it to take the malicious domain offline.
global criminal enterprise
“Our lawsuit is filed against several of CryptBot’s key distributors, who we believe are based in Pakistan and run a global criminal enterprise,” said Mike Trinh, senior director of litigation at Google and Pierre-Marc Bureau of the Threat Analysis Group. explain (opens in a new tab)“The legal complaint is based on a variety of claims, including computer fraud and abuse and trademark infringement.”
Now, with the restraining order in place, Google can also act quickly: “Yesterday, a federal judge in the Southern District of New York announced that we have filed a civil lawsuit against malware (opens in a new tab) Distributors of Cryptbot, which we estimate infected approximately 670,000 computers last year and targeted Google Chrome users to steal their data,” Trinh and Bureau added.
“We target distributors who pay to distribute malware widely for users to download and install, which then infects machines and steals user data.”
Cryptbot is a common information stealer that targets Windows users in an attempt to steal their passwords, credit card information, or other useful and potentially valuable data. Often, carriers sell this information on the black market, giving other hackers the tools they need to commit identity theft or financial fraud.
Google said: “Recent versions of Cryptbot were designed specifically for users of Google Chrome, where Google’s Cybercrime Investigations Group (CCIG) and Threat Analysis Group (TAG) teams worked to identify the distributor, investigate and take action. “
pass: Beep computer (opens in a new tab)
