Google has brought legal action against 17 suspected cyber criminals, in the search giant’s first ever case launched against a botnet.
The case names Russians Dmitry Starovikov and Alexander Filippov, alongside 15 of their associates, as being behind Glupteba – a malicious botnet thought to have been in action for over a decade. During that time, Glupteba is thought to have infected over a million Windows devices, stealing personal information that could be used to commit fraud. At its peak, the botnet was thought to be reaching thousands of new devices every day.
Glupteba is spread through a number of different websites, including one that purports to be affiliated with YouTube (which is owned by Google). Other distribution methods include online streaming services and third-party download sites.
As well as trademark infringement over the site purporting to be affiliated with YouTube, Google is accusing the defendants of computer fraud and abuse under the Racketeer Influenced and Corrupt Organizations (RICO) Act. This is more typically used to combat organised crime and drug trafficking networks – so it could point towards a new and much wider application of the act if Google is successful.
As well as launching its legal case, Google has taken direct action against the botnet, and believes it has disrupted its “key command and control infrastructure”, thereby preventing the hackers from gaining access to their system. However, Google knows this is only a temporary solution, admitting that the cybercriminals are only locked out “for now”.
In a blog post explaining why the action was taken, Google’s Vice President of Security, Royal Hansen, and General Counsel, Halimah DeLaine Prado, identified Glupteba as standing out from the crowd because of its “technical sophistication”. They added: “We are using our resources to launch litigation — the first lawsuit against a blockchain-enabled botnet — which we think will set a precedent, create legal liability for the botnet operators, and help deter future activity.”