Google announced on Wednesday that it has obtained a US court order to stop the distribution of malware that steals information from Windows. It's called CryptBot and Google should "slow down" its development.
The firm's Mike Trinh and Pierre-Marc Bureau they said that the efforts are part of steps they are taking "not only to hold accountable the criminal administrators of the malware, but also those who profit from its distribution."
CryptBot is estimated to have infected more than 670.000 computers in 2022 with the aim of stealing sensitive data such as authentication credentials, social media account logins and cryptocurrency wallets from Google Chrome users.
The collected data is funneled to the malicious users, who then sell the data to others for use in data breach campaigns. CryptBot was first discovered in the wild in December 2019.
Malware is traditionally distributed through maliciously modified versions of legitimate and popular applications such as Google Earth Pro and Google Chrome hosted on fake websites.
CryptBot's major distributors, according to Google, run a "global criminal enterprise" based in Pakistan.
Google said it plans to use the injunction, granted by a federal judge in the Southern District of New York, to "take down current and future domains associated with the distribution of CryptBot," thus bringing the spread of new infections to its knees.
