Google has filed a lawsuit against several major distributors of the CryptBot info stealing malware believed to be based in Pakistan and operating a worldwide criminal enterprise.
The legal complaint is part of an ongoing Google’s campaign against cybercriminals and is based on a variety of claims, including computer fraud and abuse and trademark infringement.
CryptBot is designed to steal sensitive data from infected machines like authentication credentials, social media account logins, and cryptocurrency wallets. CryptBot distributors offer malicious versions of popular software, including Google Earth Pro and Google Chrome, that infect victim’s computers with malware without users realizing it.
Google estimates that CryptBot has infected approximately 670,000 computers in the past year alone, primarily targeting users of Google Chrome
To hamper the spread of CryptBot, the court granted Google a temporary restraining order that allows the company to take down current and future domains that are tied to the distribution of CryptBot.
“This will slow new infections from occurring and decelerate the growth of CryptBot. Lawsuits have the effect of establishing both legal precedent and putting those profiting, and others who are in the same criminal ecosystem, under scrutiny,” the tech giant explained in a blog post.
In December 2021, the company made a similar effort to disrupt operations of the blockchain-enabled botnet known as Glupteba that infected nearly 1 million Windows machines worldwide. However, it took Glupteba operators only six months to build a new campaign from scratch and distribute it in the wild on a much larger scale.