If you think that clicking on the first search result keeps you safe from malicious attacks, you might be wrong. But now that Google has acted against its doppelganger, which stole sensitive information from more than a hundred thousand users in malicious attacks, the issue seems to have been resolved.
This comes almost two years after Google announced that its Threat Analysis Group (TAG) had taken steps against a botnet named Glupteba, which was said to target Windows devices. The difficulty is that stopping a botnet requires legal proceedings and law enforcement, and these proceedings can take a lot of time and effort. That was the case here: the case involved a yearlong battle that lasted till November last year.
Google won that legal battle and set an example for the tech community. It claimed that TAG had observed a 78% reduction in the number of infected hosts. This was because it went after the distributors who are paid to spread the malware, making the criminal actors behind it come forward as defendants in the lawsuit. Even then, Google said that the war against cybercrime wasn't over. Now the tech giant is dragging a new botnet named CryptBot to court; according to the Google Blog, it affected nearly 670,000 computers in 2022.
CryptBot is, as Google describes it, nothing but an “infostealer”. The interesting thing here is that the botnet posed as the official versions of Google Earth Pro and Google Chrome. These were then distributed across the globe using similar distributors and an abundance of shell companies.
So instead of going after the creators, Google’s CyberCrimes Investigations Group (CCIG) and Threat Analysis Group (TAG) teams went after the distributors, who they believed were mostly based in Pakistan. “The legal complaint is based on a variety of claims, including computer fraud and abuse and trademark infringement.” Google got the upper hand in the case, and it is a sigh of relief for people losing faith in cybersecurity after T-Mobile was affected by a massive data breach a few months back.
After the court declaration, Google was allowed “to take down current and future domains that are tied to the distribution of CryptBot.” The court also issued a temporary restraining order to support Google in its efforts to disrupt malware and act against its doppelganger that stole sensitive information.
Source: Google Blog