Google launches crackdown, takes down domains tied to CryptBot malware
Even as awareness is raised about spread of cyber crime, hackers keep coming up with different ideas to steal data and money from people. Crackdowns have come frequently and Google has been an active part of keeping these campaigns going to stop the spread of malware in order to protect users. Google is currently targeting Cryptbot malware distributors. They are paid to spread malware as much as possible for users to download and install, which subsequently infects machines and steals user data and money.
"Yesterday, a federal judge in the Southern District of New York unsealed our civil action against the malware distributors of Cryptbot, which we estimate infected approximately 670,000 computers this past year and targeted users of Google Chrome to steal their data. We're targeting the distributors who are paid to spread malware broadly for users to download and install, which subsequently infects machines and steals user data," Google said in a blog post.
CryptBot is a type of malware that is often referred to as an “infostealer” because it is designed to identify and steal sensitive information from victims' computers such as authentication credentials, social media account logins, cryptocurrency wallets, and more.
CryptBot then sends the stolen data to be harvested and eventually sold to bad actors to use in data breach campaigns. CryptBot distributors offer maliciously modified versions of many software packages, including Google Earth Pro and Google Chrome. Users download and install these packages, without realizing that doing so infects their machines with malware, the blog post explained.
It further informed that the recent CryptBot versions have been designed to specifically target users of Google Chrome.
