Russian Hackers Infect Over 1 Million Computers And Steal Personal Data

December 09, 2021


A giant global botnet that was harming Windows users may have been disrupted by Google.

Google's Threat Analysis Group (TAG) just announced that it has taken action to defend against a giant hack believed to originate in Russia that may have infected more than a million Windows PCs. The Glupteba botnet is a piece of malware known for taking control of people's Windows machines. This computer virus can be used to acquire individuals' cookies, personal details and data, and to use their machines to mine cryptocurrency, hitting you in your electric bill.

Glupteba uses a modular approach, installs a kernel driver, and uses a rootkit to make its activity invisible to the user, according to Sophos. This is a very sophisticated worm that even uses a watcher process to monitor its operation, report crashes, and reinitialize failed processes. Because some of the variables it stores in the registry contain the name "CDN", industry experts believe that Glupteba's creators intended this to be part of a software-as-a-service offering to other malware publishers, giving them a pay-per-install business model for virus propagation. It's scary to think about people's machines being monetized in this way against their will.

Google said it has disrupted the operation by terminating about 63 million Google Docs detected sharing Glupteba, more than 1,100 Google Accounts, and even 870 Google Ads. With all of Google's alleged technical sophistication, how in the world have Google's ads been used to spread viruses to thousands of users daily for so long? Hopefully they stopped the botnet without irrevocably deleting accounts of genuine users. Hoping to dissuade copycats and other cybercriminals, Google also filed a legal action against the two alleged conspirators in the Southern District of New York, for computer fraud and abuse, and trademark infringement. Security experts believe that legal actions might have limited impact against cybercriminals, and the best thing that normal users can do to protect themselves is to be careful about what links they click, as well as to use anti-virus and protection software. Many technology enthusiasts might also question the wisdom of using Windows in this era.

With the increase in data breaches and leaks, technology that can be weaponized against you, dark web phishing, ransomware, and other gigantic problems, it pays to be vigilant, learn as much as you can, and follow security best practices to minimize your chances of getting a big problem in your life.

The photo of Russian President Vladimir Putin sitting at a computer above is merely meant to be humorous, as he is not personally alleged to be involved in this cyberattack. However, in an era of tension between Russia and the United States over Ukraine, not to mention the numerous claims of election influencing and hacking, it would not be surprising to learn that discussions about these sorts of attacks impact various geopolitical negotiations at the highest levels of politics. Many cyberattacks that impact American web services do end up originating in that part of the world. Diving into the details about some of these attacks will not only help improve your knowledge of Computer Science, but also help you understand what is going on in the world better.
