Google is suing two Russian citizens for hacking over a million computers and devices around the world using blockchain technology. The complaint was filed last Tuesday (7), in the United States District Court for the Southern District of New York, against Dmitry Starovikov, Alexander Filippov and 15 other individuals who were not identified.
According to Google, these criminals allegedly acted as a gang to operate the Glupteba "botnet", a network of internet-connected devices running bots simultaneously. The company identified that this network was being used for illegal purposes, including the spread of malware and the theft and unauthorized use of login data and other personal information of its users.
Typically, a botnet includes several devices that have been infected with malware. When activated simultaneously, they work for a hacker without their owners even suspecting what is going on. It is estimated that the gang has already infected over a million devices around the world.
By combining so many computers, criminals gain access to processing power that can bring websites down, penetrate security protocols and hijack systems in ransomware attacks, for example.
Criminals used blockchain to protect botnet
In the complaint, Google highlighted that this particular botnet stands out from the others because of its "technical sophistication", using blockchain technology to protect itself from interruptions. Chainalysis, the blockchain forensic analysis company that also investigated Glupteba, explained to Bloomberg in a little more detail the role of encrypted data blocks in this system created by the hackers.
Simply put, whenever one of the botnet's command and control servers shuts down, the bots scan the blockchain network to find a new domain address. This type of server is used by hackers to manage all compromised networks in the scheme. Thus, the blockchain guarantees, through an ingenious protocol, that the operations are never interrupted.
However, this also makes Glupteba a real nightmare for authorities and cybersecurity experts. According to Chainalysis, none of the conventional tactics work against this botnet precisely because they seek to shut down the control server. "This is the first known case of a botnet using this approach," the company said.
Google also spoke up. A company spokesman told Bloomberg that this is the company's first experience with a botnet. According to the company, the complaint made this week is a measure taken to "further protect Internet users and to send a message to cybercriminals."
Google is now working alongside the US Department of Justice on the investigation. So far, the tech giant has managed to identify two names. As the company pointed out in the complaint, Russians Dmitry Starovikov and Alexander Filippov were connected to Glupteba through the same servers used to configure their Gmail addresses.
In addition to stealing private data, the criminals also mined cryptocurrencies using the processing power of infected computers. Now Google and US authorities are trying to stop Glupteba from causing further damage, but the botnet's operations have not yet been halted.
With information from Bloomberg