Friday , April 18 2025

Google Obtains Court Order to Disrupt CryptBot Distribution

infosecbulletin Friday , April 28 2023 Cyber Attack, International

Google this week announced that it has obtained a court order that helped it disrupt the CryptBot information stealer’s distribution.

Initially designed to harvest and exfiltrate sensitive information such as credentials, cryptocurrency wallets, and more, CryptBot was also seen distributing banking trojans.

16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

By infosecbulletin / Friday , April 18 2025
According to Shadowserver Foundation around 17,000 Fortinet devices worldwide have been compromised using a new technique called "symlink". This number...
Read More
16,000+ Fortinet devices compromised with symlink backdoor, Mostly in Asia

Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

By infosecbulletin / Friday , April 18 2025
A critical security flaw has been found in the Erlang/Open Telecom Platform (OTP) SSH implementation, allowing an attacker to run...
Read More
Patch now! Critical Erlang/OTP SSH Vuln Allows UCE

CISA warns of increasing risk tied to Oracle legacy Cloud leak

By infosecbulletin / Thursday , April 17 2025
On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
CISA warns of increasing risk tied to Oracle legacy Cloud leak

CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App

By infosecbulletin / Thursday , April 17 2025
Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
CVE-2025-20236 Cisco Patches Unauthenticated RCE Flaw in Webex App

Apple released emergency security updates for 2 zero-day vulns

By infosecbulletin / Thursday , April 17 2025
On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
Apple released emergency security updates for 2 zero-day vulns

Oracle Released Patched for 378 flaws for April 2025

By infosecbulletin / Wednesday , April 16 2025
On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
Oracle Released Patched for 378 flaws for April 2025

CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

By infosecbulletin / Wednesday , April 16 2025
Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...
Read More
CVE-2025-24054 Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild

Bengaluru firm got ransomware attack, Hacker demanded $70,000

By infosecbulletin / Wednesday , April 16 2025
Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...
Read More
Bengaluru firm got ransomware attack, Hacker demanded $70,000

MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

By infosecbulletin / Wednesday , April 16 2025
MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...
Read More
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today

PwC exits more than a dozen countries in push to avoid scandals: FT reports

By infosecbulletin / Wednesday , April 16 2025
PwC has ceased operations in more than a dozen countries that its global bosses have deemed too small, risky or...
Read More
PwC exits more than a dozen countries in push to avoid scandals: FT reports

Over the past year alone, the malware infected roughly 670,000 computers, Google estimates.

The malware has been distributed via modified versions of legitimate software, including Google Earth Pro and Chrome, with recent CryptBot versions focusing heavily on the users of the Chrome browser.

According to Google, its investigation into the malware has identified several major CryptBot distributors based in Pakistan, which operate a global criminal enterprise.

To disrupt the operation, Google filed a legal complaint in the Southern District of New York, and a judge has granted the internet giant a temporary restraining order to act against the identified distributors.

“We’re targeting the distributors who are paid to spread malware broadly for users to download and install, which subsequently infects machines and steals user data. […] The legal complaint is based on a variety of claims, including computer fraud and abuse and trademark infringement,” Google says.

Armed with the fresh court order, Google can take down current and future domains used to distribute CryptBot, which is expected to impact the infostealer’s infection rates.

“This will slow new infections from occurring and decelerate the growth of CryptBot. Lawsuits have the effect of establishing both legal precedent and putting those profiting, and others who are in the same criminal ecosystem, under scrutiny,” the internet giant says.

 

Check Also

Australian Cyber Security Centre Alert for Fortinet Products

The Australian Cyber Security Centre (ACSC) has alerted technical users in both private and public …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin