Google has revealed details of a new legal campaign to pursue the operators of prolific information-stealing malware, which has so far infected an estimated 670,000 computers.
The tech giant launched a civil case against several of CryptBot’s major distributors, which it said are likely based in Pakistan.
“To hamper the spread of CryptBot, the court has granted a temporary restraining order to bolster our ongoing technical disruption efforts against the distributors and their infrastructure. The court order allows us to take down current and future domains that are tied to the distribution of CryptBot,” explained Google.
“This will slow new infections from occurring and decelerate the growth of CryptBot. Lawsuits have the effect of establishing both legal precedent and putting those profiting, and others who are in the same criminal ecosystem, under scrutiny.”
CryptBot is typically hidden in legitimate-seeming but maliciously modified software like Google Earth Pro and Google Chrome, the firm said.
If consumers unwittingly download the software, the CryptBot malware will get to work stealing authentication credentials, social media account logins, cryptocurrency wallets and more from their machines.
Google was able to disclose its civil action after a federal judge in the Southern District of New York unsealed the case.
It follows similar legal success against the individuals behind the Glupteba botnet, which resulted in a court issuing financial sanctions against both the Russian-based defendants and their US-based lawyer.
Google urged users to stay alert to the threat of malware like CryptBot, by researching any prospective software purchases and downloads, and only downloading from trusted sources. It added that users should always keep their device and PC operating systems up to date with the latest versions to further reduce risk exposure.