Google is in the midst of a legal campaign designed to take down the creators of a very persistent piece of malware called CryptBot. This malware, which Google claims compromised roughly 670k computers, set about infecting users of the Chrome browser. Unfortunately for the malware campaign operators, Google's not impressed.

This legal campaign focuses on shutting down domains associated with the stealer. The lawsuit unsealed this week reveals Google’s line of approach for tackling CryptBot’s alleged primary distributors, located in Pakistan.

It’s easy to see what piqued Google’s interest in this infection campaign. A big part of the CryptBot tactics on display involved offering up cracked or modified versions of popular Google products. The products were secretly infected with CryptBot, which would then go on to try and plunder credentials from the infected systems.

(The) defendants’ criminal scheme is perpetrated via a pay-per-install (“PPI”) network known as “360installer,” which fosters the creation of websites that offer illegally modified software (“Cracked Software Sites”). These websites offer software infected with CryptBot malware, such as maliciously modified versions of Google Chrome and Google Earth Pro, and also cracked third party software. The Malware Distribution Enterprise operated by Defendants in this case is one of the primary means of spreading the CryptBot malware to new victims.

Google highlights that CryptBot targets users of Chrome. When it notices Chrome is installed on a PC, it attempts to “locate, collect, and extract user credentials saved to Chrome”. This can be logins, authentication methods, private data, and several types of payment information, such as card details and cryptocurrencies.

This attempt at a takedown by Google isn’t just focused on the code side of things.