Posted on December 13, 2021 at 4:23 PM
Google takes action against a massive botnet
The internet has been dangerous almost since it was born, thanks to all kinds of threats that emerged soon after. For the most part, bad actors were emerging all over the world, targeting regular people, companies, and even the government, whether in pursuit of money or of information that they could sell or use to get money.
Some were chaotic enough to seek only to do damage, apparently with no desire to profit from their moves at all. But most of the bad actors are motivated by cash, whether we are talking about the hackers who launch ransomware or those who break into highly secure systems to steal funds directly.
Of course, botnets are among the more common threats on the internet these days. Some are for hire, others were created by the hackers for their own purposes. The easiest way to make botnets, however, is via malware. Some malware is now capable of having near-total control over affected devices, which can have devastating consequences for the device itself, but also for the lives of those to whom said devices belong.
A new major botnet emerges
Over the years, there were plenty of massive botnets that hackers used to cause chaos on the internet, such as Emotet, which was an extremely powerful one. Not only that, but it also rented itself out to other malware, which was allowed to install itself on the devices that the botnet was already controlling. Fortunately, the botnet was taken down recently, but not before it caused major damage.
Another example is Trickbot, which was quite a notorious one. This one caused a lot of trouble too, and Microsoft stepped up to try and deal with it.
Now, however, a new major botnet seems to be causing trouble, and this time, Google is rising to the challenge, trying to dismantle it. The company behind the world’s largest search engine announced a move to shut down Glupteba, as the network of corrupted devices seems to have enslaved over one million devices, forcing them to do its bidding.
The botnet’s primary goal, according to reports, is to mine cryptocurrencies, primarily Bitcoin itself. To do that, it has infected more than a million Windows units. However, while using so many devices to mine Bitcoin is bad in its own right, the botnet could be a lot more devastating if it were to be used to spread ransomware, or to launch DDoS attacks. With that in mind, security experts are hoping that the hacker(s) behind the botnet will not get bored with crypto mining.
Interestingly, one of the main methods for spreading Glupteba appears to be via Google’s own Google Docs, which is why the company got particularly interested in this specific botnet. The tech giant seems to have taken it as a personal insult, which is why it has decided to take action and try to dismantle the botnet itself.
Google takes action
Up to this point, the company has reported the termination of more than 63 million Google Docs that were connected to the botnet or malware behind it in some way. In addition, over 1,000 Google accounts have been shut down for the same reason. Google went beyond just technological warfare, however, as it also filed a lawsuit against the bad actors who misused its services and products, taking matters to court as well.
However, the botnet has proved to be rather tricky, which makes dealing with it that much more complicated. Apparently, as the Google lawsuit describes it, it does not rely on predetermined channels. Instead, the malware that is being used for spreading it was programmed to seek out replacement servers to maintain operations.
In other words, the botnet is like a massive hive mind of tech, which has the potential to gain thousands of new devices per day, hijacking them and adding them to its growing library. Even though the network is commanding a million devices to date, at least as far as is known, this is still considered to be relatively small compared to the over 500 million users claimed by the new combined Norton and Avast cybersecurity firm.