Google disrupts the CryptBot info-stealing malware operation

Gandalf_The_Grey

Google is taking down malware infrastructure linked to the CryptBot info stealer after suing those using it to infect Google Chrome users and steal their data.

The lawsuit targets CryptBot's infrastructure and distribution network, whose disruption would help decrease the number of victims having their sensitive information stolen using the malware.

"Yesterday, a federal judge in the Southern District of New York unsealed our civil action against the malware distributors of Cryptbot, which we estimate infected approximately 670,000 computers this past year and targeted users of Google Chrome to steal their data," the Head of Litigation Advance Mike Trinh and Threat Analysis Group's Pierre-Marc Bureau said.

"We're targeting the distributors who are paid to spread malware broadly for users to download and install, which subsequently infects machines and steals user data."

To hinder the spread of CryptBot, the court has granted Google a temporary restraining order which allows the company to disrupt the distributors and their infrastructure.

The court empowers Google to take down domains associated with CryptBot distribution (both those currently active and those that will be registered after the order is issued), thus helping curb the number of new infections and decelerating the malware network's growth.

"To hamper the spread of CryptBot, the court has granted a temporary restraining order to bolster our ongoing technical disruption efforts against the distributors and their infrastructure," Trinh and Bureau said.

"The court order allows us to take down current and future domains that are tied to the distribution of CryptBot."
 
