Conferences
Online
10
October
Tbilisi, Georgia
23-24
October
Tel Aviv, Israël
04
November
12
November
Malta, Malta
12
November
Malta, Malta
13-17
November
14
November
Kyiv, Ukraine
30
November
04-05
December
Bangkok, Thailand
06
December
Bangkok, Thailand
07-08
December

Google Found Connection Between Botnet, Dont.farm, Extracard.net, and AWMProxy.net


Google sued two Russian citizens Dmitry Starovikov and Alexander Filippov for the Glupteba botnet operations. We’ve examined the complaint record and found out that the scheme involves dont.farm, Extracard.net, AWMProxy.net, and other services.

Here’s a link to the civil act: https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/1_Complaint.pdf

The bottom line of the scheme is that botnet creators infected Windows computers by deceptive means. Once infected, the botnet’s owners opportunistically leveraged the users’ data. Among other purposes, such as cryptocurrency mining and selling bank card data, the creators of the botnet provided services for marketing specialists and publishers.

There are the following keynotes in the complaint:

  • Dont.farm provided users access to Google and other social accounts from infected computers.
  • The Extracard.net service provided bank cards to link them to ad accounts. Google failed to charge these cards.
  • The owner of QIP.ru named in the complaint claims responsibility for the Extracard.net creation and operation.
  • AWMProxy.net rented out IPs of devices infected with Glupteba malware.
  • Trafspin.com, an advertising network that was later renamed Push.farm (Google’s assumption based on identical points), was involved as well.


Like it? Share with your friends!
0 Comments