Google wins legal battle against Russian-operated Glupteba botnet

Google's nearly year-long battle against the highly sophisticated Glupteba botnet has ended. In a rare move, the botnet's operators were ordered to pay Google's legal fees.

In December 2021, Google said it took action to disrupt the botnet by targeting its key command and control infrastructure. The company acknowledged that Glupteba's operators had lost control over their botnet for the time being.

Google also announced it had decided to take legal action against the botnet, notorious for stealing users' credentials and data, mining cryptocurrencies on infected hosts, and setting up proxies to funnel other people's internet traffic through infected machines and routers.

The legal battle went on for almost a year. In November, a Southern District of New York court ruled against the botnet's operators. Google said it was an important legal precedent sending "a warning to cybercriminals and those who enable or protect them."

Google had named the defendants and their shell companies in the suit, which, the company said, was not a common tactic.

"The risk was that these actors – who are based in Russia – could attempt to abuse the US court system by litigating from abroad with no intention of complying with the court's orders and could try to use the legal process to get information about Google's defense mechanisms. They attempted to do exactly that," Google said in a blog post.

However, the court saw right through the criminals' attempts and granted Google a default judgement against the defendants to "hold them responsible for attempting to mislead the court."

The court issued monetary sanctions against threat actors based in Russia and their US-based lawyer, requiring them to pay Google's legal fees.

"It is now clear that the Defendants appeared in this Court not to proceed in good faith to defend against Google's claims but with the intent to abuse the court system and discovery rules to reap a profit from Google," said Federal Judge Denise Cote.

Glupteba's operators have resumed activity on some non-Google platforms and internet of things (IoT) devices. However, Google said its action against the criminals led to a 78% reduction in infected hosts.
