Google has taken legal action against those using the CryptBot info stealer to infect Chrome users and steal their data, and is taking down the associated malware infrastructure.
The sole goal of this lawsuit is to reduce data theft from victims by disrupting the entire infrastructure and distribution network of the CryptBot info-stealing malware.
In 2022, it was reported that CryptBot, a Windows malware, infected more than 670,000 computers to steal the following sensitive data from Chrome users:
- Authentication credentials
- Social media account logins
- Cryptocurrency wallets
Legal Strategy & Disruption
The operators and distributors of the CryptBot info-stealer are believed to be based in Pakistan and to operate globally. The legal complaint rests on several types of claims, including:
- Computer fraud
- Computer abuse
- Trademark infringement
The court has granted Google a temporary restraining order to disrupt the distributors and infrastructure of CryptBot and restrict its spread.
Google is authorized by the court to take down active and future domains linked with CryptBot distribution, effectively slowing down the malware network’s expansion and reducing new infections.
The impact of lawsuits extends beyond their immediate outcomes. They can set legal precedents while subjecting the offenders and others involved in the same criminal network to scrutiny and public accountability for their actions.
The malware secretly collects data from the infected device without the victim’s knowledge and then sends the collected data to the command and control (C2) server.
Recommendations
To strengthen defenses against security threats, cybersecurity analysts strongly recommend the following measures:
- Always download from well-known and trusted sources.
- Make sure to read reviews.
- Do proper research.
- Always keep your system and software up to date.
- Use a reputable antivirus tool.
Source: https://cybersecuritynews.com/google-dismantles-cryptbot-info-stealing-malware-infrastructure-that-hacked-670000-computers/