Dec 8, 2021: According to a report by Bloomberg, Alphabet Inc.’s Google is suing two Russian nationals who it claims are part of a criminal organization that quietly infiltrated more than a million computers and devices around the world to create “a modern technological and borderless incarnation of organized crime.”
In a complaint being unsealed Tuesday in the U.S. District Court for the Southern District of New York, Google names two defendants, Dmitry Starovikov and Alexander Filippov, as well as 15 unnamed individuals. Google claims the defendants have created a “botnet” known as Glupteba, to use for illicit purposes, including the theft and unauthorized use of Google users’ login and account information.
The Glupteba botnet differs from others in its “technical sophistication,” using blockchain technology to protect itself, the complaint said. Google said that at any moment, the power of the Glupteba botnet could be used in a ransomware attack or a distributed denial-of-service attack.
Chainalysis Inc., a blockchain forensics analytics firm, said its products and services were used to investigate botnets. Whenever one of Glupteba’s command and control servers – which hackers use to manage compromised networks – is shut down, it uses the blockchain to find the domain address of a new command and control server.
“This tactic makes the Glupteba botnet extremely difficult to disrupt through conventional cybersecurity techniques,” which are focused on disabling command-and-control server domains, according to Chainalysis. “This is the first known case of a botnet using this approach.”
The spokesman said the company worked with the US Department of Justice to investigate. The Justice Department declined to comment. Starovikov and Filippov could not immediately be reached for comment. The spokesman said the tech company had taken the case to court to “create legal liability for cybercriminals” and “to illuminate their identity and the infrastructure they are using.”
Google said Starovikov and Filippov were connected to Glupteba by the servers used to set up their Gmail addresses.
Google said it was bringing the action under the Racketeer Influenced and Corrupt Organizations Act, known as RICO, as well as the Computer Fraud and Abuse Act, Electronic Communications Privacy Act and others, to disrupt the botnet, prevent it from causing further harm, and to recover damages.
Some of the most notorious cybercriminal gangs have ties to Russia, which has been accused of providing them with safe haven. The Kremlin has repeatedly denied responsibility for any hacking attacks.