InfoSecBulletin Cybersecurity for mankind
Google this week announced that it has obtained a court order that helped it disrupt the CryptBot information stealer’s distribution.
Initially designed to harvest and exfiltrate sensitive information such as credentials, cryptocurrency wallets, and more, CryptBot was also seen distributing banking trojans.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Over the past year alone, the malware infected roughly 670,000 computers, Google estimates.
The malware has been distributed via modified versions of legitimate software, including Google Earth Pro and Chrome, with recent CryptBot versions focusing heavily on the users of the Chrome browser.
According to Google, its investigation into the malware has identified several major CryptBot distributors based in Pakistan, which operate a global criminal enterprise.
To disrupt the operation, Google filed a legal complaint in the Southern District of New York, and a judge has granted the internet giant a temporary restraining order to act against the identified distributors.
“We’re targeting the distributors who are paid to spread malware broadly for users to download and install, which subsequently infects machines and steals user data. […] The legal complaint is based on a variety of claims, including computer fraud and abuse and trademark infringement,” Google says.
Armed with the fresh court order, Google can take down current and future domains used to distribute CryptBot, which is expected to impact the infostealer’s infection rates.
“This will slow new infections from occurring and decelerate the growth of CryptBot. Lawsuits have the effect of establishing both legal precedent and putting those profiting, and others who are in the same criminal ecosystem, under scrutiny,” the internet giant says.
