Share this article
Google Sues to Shutter Cryptojacking Botnet That Infected 1M+ Computers
The botnet used the Bitcoin blockchain to evade cybersecurity officials and remain online, Google alleged.
Updated May 11, 2023, 7:03 p.m. Published Dec 7, 2021, 10:27 p.m.
Make us preferred on Google
Google on Tuesday moved to shut down a sophisticated cryptojacking botnet that used the Bitcoin blockchain to evade cybersecurity officials.
Known as “Glupteba,” the botnet has infected more than 1 million machines worldwide, Google said in a civil complaint filed Tuesday against Dmitry Staroviko and Alexander Filippov, as well as 15 unknown individuals. Google alleged the defendants utilized this botnet to mine cryptocurrencies on victims’ computers, steal victims’ account information to sell to third parties, purchase goods and services using credit cards with insufficient funds and sell access to compromised machines to third parties.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
Moreover, the botnet itself leveraged blockchain technology in a unique manner as an effort to secure it against traditional tools meant to disrupt these types of malicious activities. It effectively turned Bitcoin’s decentralization into an asset that made it “much harder to shut down,” Google executives wrote in a blog post.
The botnet weaponized the Bitcoin blockchain, according to Chainalysis, which said it helped Google’s investigation. By embedding command-and-control server addresses in the blockchain and then having the botnet turn to that data whenever an infected server was shuttered, it stays a step ahead of the cybersecurity whack-a-mole.
“This is the first known case of a botnet using this approach,” representatives for Chainalusis said in an email.
Google’s complaint went into more detail, saying that the “Glupteba Enterprise,” the entity controlled by the defendants, would use this method to direct the malware to new servers.
The botnet looked at three specific bitcoin addresses, according to a Google blog post.
Google said that while it has already taken some action to disrupt the botnet, the fact that it uses the Bitcoin blockchain means the operators can resurrect the network at any time.
“The Glupteba botnet cannot be eradicated entirely without neutralizing its blockchain-based infrastructure,” the complaint said.
Google filed fraud and racketeering allegations against the defendants in its suit.
More For You
KuCoin captured a record share of centralised exchange volume in 2025, with more than $1.25tn traded as its volumes grew faster than the wider crypto market.
What to know:
- KuCoin recorded over $1.25 trillion in total trading volume in 2025, equivalent to an average of roughly $114 billion per month, marking its strongest year on record.
- This performance translated into an all-time high share of centralised exchange volume, as KuCoin’s activity expanded faster than aggregate CEX volumes, which slowed during periods of lower market volatility.
- Spot and derivatives volumes were evenly split, each exceeding $500 billion for the year, signalling broad-based usage rather than reliance on a single product line.
- Altcoins accounted for the majority of trading activity, reinforcing KuCoin’s role as a primary liquidity venue beyond BTC and ETH at a time when majors saw more muted turnover.
- Even as overall crypto volumes softened mid-year, KuCoin maintained elevated baseline activity, indicating structurally higher user engagement rather than short-lived volume spikes.
More For You
BitMine, the largest Ethereum treasury firm, makes biggest ether purchase of 2026
The crypto treasury firm added over 40,000 ETH last week and has now staked over 2 million tokens.
What to know:
- BitMine acquired 40,302 ETH last week, its biggest purchase of 2026 so far.
- The purchase followed shareholder approval to expand the firm’s authorized share count.
Top Stories
