News, 21.11.2022, 10:00 AM
After almost a year, Google won a significant court case against the group that managed the bot network, and according to the company, “the verdict is an important legal precedent” and a warning to cybercriminals and those who protect them.
At issue is Google’s dispute with a Russia-based group called Glupteba, which used a botnet to infiltrate millions of Windows devices.
Google’s legal team filed suit in New York District Court against the botnet operators, determined to expose them and their various shell companies.
The Glupteba botnet stole user credentials and cookies, mined cryptocurrency on infected devices, and deployed proxy components to target Windows systems and IoT devices. The malware was primarily distributed via pirated software download links.
Cases like this are difficult to handle, mainly because the perpetrators live in other countries, so they are outside the jurisdiction of the law of the country where Google is headquartered in this case. However, in this case, the court ruled in favor of the company:
“This is not a common tactic, but we thought it was important to try. We did this knowing that it could lead to lengthy litigation. The risk was that these actors – who are in Russia – could try to abuse the US court system by litigating from abroad with no intention of complying with court orders and try to use the legal process to obtain information about Google’s defense mechanisms. They tried to do just that, but the court saw through these attempts,” the company said.
The court decided to grant Google’s request for sanctions, and went a step further with monetary sanctions against the Russian-based defendants and their US attorney for attempting to deceive the court by requiring them to pay Google’s legal fees.
“This step is particularly important because it shows that there will be real, monetary consequences for engaging in this type of criminal activity,” the company said.
A key element in this case was the naming of both individuals and shell companies involved in the Glupteb operations.
It is a significant decision that could make criminals think twice before engaging in such illegal activities.
Although the criminals behind Glupteb have continued the same activities on some other non-Google platforms as well as on IoT devices, the outcome of this legal dispute will affect other cybercriminals who are considering cooperation with this group. What’s more, Google’s Threat Analysis Group (TAG) noticed a 78% decrease in the number of infected devices last year.
Of course, some groups will remain nameless. But larger operations require funding, and if Google and other platforms can point to those sources, it could lead to more fines that will increase pressure on these operations.
It will be interesting to see if the Glupteba group will try to challenge the verdict.