San Francisco: In an effort to protect users from cyberattacks, Google has blocked the notorious CryptBot malware, which the company claims have stolen data from hundreds of thousands of Chrome browser users in the past year.
According to the company, CryptBot is a type of malware often referred to as an ‘infostealer’ because it is designed to identify and steal sensitive information from victims’ computers such as authentication credentials, social media account logins, cryptocurrency wallets, and more.
CryptBot then sends the stolen data to be harvested and eventually sold to bad actors to use in data breach campaigns.
Moreover, Google stated that the malware was spread through maliciously modified apps such as Google Chrome and Google Earth Pro. The malware has infected approximately 6,70,000 computers this past year and targeted users of Google Chrome to steal their data.
In response to recent CryptBot versions impersonating its browser software and mapping software, Google tracked the malware’s Pakistan-based distributors, identified the malware, and took action.
Following the filing of a legal complaint against several of CryptBot’s major distributors, the tech giant on Wednesday confirmed that it had obtained a temporary court order limiting the developers’ ability to spread the infostealer malware.
“Our litigation was filed against several of CryptBot’s major distributors who we believe are based in Pakistan and operate a worldwide criminal enterprise. The legal complaint is based on a variety of claims, including computer fraud and abuse and trademark infringement.
“To hamper the spread of CryptBot, the court has granted a temporary restraining order to bolster our ongoing technical disruption efforts against the distributors and their infrastructure,” Google said in a blogpost.
The order, granted by a federal judge in the Southern District of New York in the US, has allowed Google to take down current and future domains that are tied to the distribution of CryptBot malware.