On 7 December 2021, Google sued a few individuals who are reportedly behind ‘Glupteba’, a sophisticated cryptojacking botnet. The botnet reportedly used the Bitcoin blockchain to infect more than 1 million computers worldwide while successfully evading cybersecurity officials. Those sued over the crypto attack include two Russian individuals, Alexander Filippov and Dmitry Starovikov. In addition, around 15 unknown individuals have also been sued.
In the civil complaint, Google said that the accused individuals stole victims’ account information and used the botnet to mine cryptocurrency on victims’ computers. They stole the account information to sell it to third parties, and also used the victims’ credit cards to purchase goods. The botnet itself was found to use blockchain technology to protect itself against the traditional tools used to counter this kind of malicious activity. By leveraging the blockchain in this unusual way, the botnet turned Bitcoin’s decentralization to its advantage and became significantly harder to shut down.
According to Chainalysis, which reportedly helped Google in the investigation, the botnet weaponized the Bitcoin blockchain. It was able to stay ahead of cybersecurity officials by embedding the addresses of its command-and-control servers in the blockchain. Chainalysis added that this is reportedly the first case in which a botnet has used this approach. While Google has already taken action to disrupt the botnet, there is a worry that it can be resurrected at any time, given that it uses the Bitcoin blockchain. To eradicate the botnet entirely, the blockchain-based infrastructure would have to be neutralized.