Η Google announced on Wednesday that it had obtained a US court order to stop the distribution of a malicious software which steals information from Windows. It's called CryptBot and Google should "slow down" its development.
The firm's Mike Trinh and Pierre-Marc Bureau they said that the efforts are part of steps they are taking "not only to hold accountable the criminal administrators of the malware, but also those who profit from its distribution."
Το CryptBot εκτιμάται ότι έχει μολύνει περισσότερους από 670.000 υπολογιστές το 2022 με στόχο την κλοπή ευαίσθητων δεδομένων όπως διαπιστευτήρια ελέγχου ταυτότητας, στοιχεία σύνδεσης λογαριασμών μέσων κοινωνικής δικτύωσης και πορτοφόλια κρυπτονομισμάτων από τους users Google Chrome.
The collected data is funneled to the malicious users, who then sell the data to others for use in data breach campaigns. CryptBot was first discovered in the wild in December 2019.
Malware is traditionally distributed through maliciously modified versions of legitimate and popular applications such as Google Earth Pro and Google Chrome hosted on fake websites.
CryptBot's major distributors, according to Google, run a "global criminal enterprise" based in Pakistan.
Google said it plans to use the injunction, granted by a federal judge in the Southern District of New York, to “slowon current and future domains linked to the distribution of CryptBot”, thus bringing the spread of new infections to its knees.