CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

admin by admin
April 28, 2023
in Information Security


Apr 27, 2023Ravie LakshmananBotnet / Cyber Crime

Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and “decelerate” its growth.

The tech giant’s Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to “not only hold criminal operators of malware accountable, but also those who profit from its distribution.”

CryptBot is estimated to have infected over 670,000 computers in 2022 with the goal of stealing sensitive data such as authentication credentials, social media account logins, and cryptocurrency wallets from users of Google Chrome.

The harvested data is then exfiltrated to the threat actors, who then sell the data to other attackers for use in data breach campaigns. CryptBot was first discovered in the wild in December 2019.

The malware has been traditionally delivered via maliciously modified versions of legitimate and popular software packages such as Google Earth Pro and Google Chrome that are hosted on fake websites.

What’s more, a CryptBot campaign unearthed by Red Canary in December 2021 entailed the use of KMSPico, an unofficial tool that’s used to illegally activate Microsoft Office and Windows without a license key, as a delivery vector.

CryptBot

Then in March 2022, BlackBerry disclosed details of a new and improved version of the malicious infostealer that was distributed via compromised pirate sites that purport to offer “cracked” versions of various software and video games.

The major distributors of CryptBot, per Google, are suspected to be operating a “worldwide criminal enterprise” based out of Pakistan.

Google said it intends to use the court order, granted by a federal judge in the Southern District of New York, to “take down current and future domains that are tied to the distribution of CryptBot,” thereby kneecapping the spread of new infections.

UPCOMING WEBINAR

Zero Trust + Deception: Learn How to Outsmart Attackers!

Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!

Save My Seat!

To mitigate risks posed by such threats, it’s advised to only download software from well-known and trusted sources, scrutinize reviews, and ensure that the device’s operating system and software are kept up-to-date.

The disclosure comes weeks after Microsoft, Fortra, and Health Information Sharing and Analysis Center (Health-ISAC) legally joined hands to dismantle servers hosting illegal, legacy copies of Cobalt Strike to prevent the tool’s abuse by threat actors.

It also follows Google’s endeavors to shut down the command-and-control infrastructure associated with a botnet dubbed Glupteba in December 2021. The malware, however, staged a return six months later as part of an “upscaled” campaign.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Innatefairness ~ Future of CIO

Next Post

Innatelogic

Related Posts

Information Security

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

by admin
May 30, 2023
Information Security

Advice to SMB CEOs from a former CIO

by admin
May 30, 2023
Information Security

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

by admin
May 29, 2023
Information Security

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

by admin
May 28, 2023
Information Security

Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data

by admin
May 27, 2023
Next Post

Innatelogic

Recommended

Illustratereinvention ~ Future of CIO

May 30, 2023

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

May 30, 2023

Advice to SMB CEOs from a former CIO

May 30, 2023

Innovation & Information ~ Future of CIO

May 29, 2023

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

May 29, 2023

Innovativegrowth ~ Future of CIO

May 28, 2023

© CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 CIO News Hubb All rights reserved.