bitcoinpress.co.uk
162.0.215.10  Public Scan

URL: https://bitcoinpress.co.uk/google-disrupts-blockchain-based-glupteba-botnet-sues-russian-hackers/
Submission: On December 13 via api from US — Scanned from DE

Form analysis 1 forms found in the DOM

GET https://bitcoinpress.co.uk/

<form role="search" method="get" class="search-form" action="https://bitcoinpress.co.uk/">
  <label>
    <span class="screen-reader-text">Search for:</span>
    <input type="search" class="search-field" placeholder="Search …" value="" name="s">
  </label>
  <input type="submit" class="search-submit" value="Search">
</form>

Text Content

GOOGLE DISRUPTS BLOCKCHAIN-BASED GLUPTEBA BOTNET; SUES RUSSIAN HACKERS

December 12, 2021 | Editorial Team | Blockchain



Google on Tuesday said it took steps to disrupt the operations of a
sophisticated “multi-component” botnet called Glupteba that infected an
estimated one million or more Windows computers across the globe and stored its
command-and-control server addresses on Bitcoin’s blockchain as a resilience
mechanism.

As part of the efforts, Google’s Threat Analysis Group (TAG) said it partnered
with the CyberCrime Investigation Group over the past year to terminate around
63 million Google Docs that were observed to have distributed the malware,
alongside 1,183 Google Accounts, 908 Cloud Projects, and 870 Google Ads accounts
that were associated with its distribution.

Google TAG further said it worked with internet infrastructure providers and
hosting providers, such as Cloudflare, to dismantle the malware by taking down
servers and placing interstitial warning pages in front of the malicious
domains.

In tandem, the internet giant also announced a lawsuit against two Russian
individuals, Dmitry Starovikov and Alexander Filippov, who are alleged to be
responsible for managing the botnet alongside 15 unnamed defendants, calling the
enterprise a “modern technological and borderless incarnation of organized
crime.”



“Glupteba is known to steal user credentials and cookies, mine cryptocurrencies
on infected hosts, deploy and operate proxy components targeting Windows systems
and IoT devices,” TAG researchers Shane Huntley and Luca Nagy said, with the
botnet observed targeting victims worldwide, including the U.S., India, Brazil,
and Southeast Asia.

Glupteba was first publicly documented by Slovak internet security company ESET
in 2011. Last year, cybersecurity firm Sophos published a report on the dropper,
noting it “was able to continuously thwart efforts at removing it from an
infected machine,” adding “Glupteba also takes a variety of approaches to lay
low and avoid being noticed.”



Primarily disseminated through sketchy third-party software and online movie
streaming sites, the modular botnet camouflages itself as free software and
YouTube videos. Once installed, it can be orchestrated to use its illicit access
to the devices to retrieve additional components and further a number of
criminal schemes, including:

 * Stealing personal account information and selling the access to third parties
   on a portal called “Dont[.]farm”
 * Vending credit cards to facilitate fraudulent purchases from Google Ads and
   other Google services
 * Selling unauthorized access to the devices for use as residential proxies via
   “AWMProxy[.]net” to conceal the activities of bad actors
 * Serving disruptive pop-up ads on the compromised machines, and
 * Hijacking the computing power of the devices to mine cryptocurrency

But in an interesting twist, rather than selling those stolen credentials
directly to other criminal customers, the Glupteba operators pawned the access
through virtual machines that were preloaded with those accounts by logging in
using the siphoned usernames and passwords on a web browser.

“Dont[.]farm’s customers pay the Glupteba Enterprise in exchange for the ability
to access a browser that is already logged into a victim’s stolen Google
account,” the company alleged. “Once granted access to the account, the
Dont[.]farm customer has free rein to use that account however they desire,
including buying advertisements and launching fraudulent ad campaigns, all
without the true account owner’s knowledge or authorization.”



The downloaded modules, besides incorporating measures to evade detection by
antivirus solutions, are designed to execute arbitrary commands pushed by an
attacker-controlled server. Glupteba is also notable because, unlike
traditional botnets, the malware leverages the Bitcoin blockchain as a backup
command-and-control (C2) system.

Specifically, instead of relying solely on a list of predetermined and
disposable domains either hard-coded in the malware or obtained using a domain
generation algorithm (DGA), the malware is programmed to search the public
Bitcoin blockchain for transactions involving three wallet addresses owned by
the threat actor so as to fetch the encrypted C2 server address.

“Unfortunately, Glupteba’s use of blockchain technology as a resiliency
mechanism is notable here and is becoming a more common practice among cyber
crime organizations,” Google’s Royal Hansen and Halimah DeLaine Prado said. “The
decentralized nature of blockchain allows the botnet to recover more quickly
from disruptions, making them that much harder to shut down.”

What’s more, the tech giant explained in its lawsuit that the cybercriminal gang
maintained an online presence at “Voltronwork[.]com” to actively recruit
developers by means of job openings on Google Ads to “support its websites,
transactions, and overall operation.”

The legal move also comes a day after Microsoft disclosed it had seized 42
domains used by the China-based Nickel hacking group (aka APT15, Bronze Palace,
Ke3Chang, Mirage, Playful Dragon, and Vixen Panda) to target servers belonging
to government agencies, think tanks, and human rights organizations in the U.S.
and 28 other countries worldwide.








