



A New York judge has filed a default fine against two Russian citizens who allegedly helped create the “Glupteba” botnet, sold fraudulent credit card information and used the network to generate cryptocurrency. made a verdict.

According to the advertising giant, Glupteba infected 1 million compromised devices worldwide and continued to steal user account data, sometimes growing at a rate of thousands per day.

Judge Dennis Court, the New York District Court judge overseeing the case, also ruled that their attorneys conspired as a “deliberate campaign to resist detection and mislead the courts,” ruling the men and their attorneys. sanctioned Igor B. Litvak. .

Google is suing Dmitry Starovikov and Alexander Filippov and 15 other John and Jane Does in December 2021, stating in the original complaint: [PDF] The botnet “sets itself apart from traditional botnets in that it is technologically sophisticated. Unlike other botnets, the Glupteba botnet uses blockchain technology to keep itself out of chaos. I am protecting you.”

According to court documents, the Glupteba malware instructs infected computers to look for the addresses of command-and-control servers by “looking up transactions associated with specific accounts on the blockchain.” Essentially, if a botnet’s C2 server is disabled, its operator can simply set up a new server and broadcast its address on the blockchain.

Judge Court said in her opinion and order: [PDF] Defendants “viciously attempted to negotiate a discovery plan, demanding replacement of electronic devices,” even though they knew they could not provide the devices they said they had.

According to the judge, the defendants and their attorneys told Google that the relevant discovery information was held by their former employer Valtron LLC (OOO in Russian), a Moscow-based limited liability company. Both defendants said they worked for Valtron LLC “as software engineers” but later told the court they were “fired by Valtron at the end of 2021 and handed over the laptop to Valtron in mid-January 2022.” ” says.

At least according to the order, the two seem to have led Google into a hilarious chase.

Discovery is a common law process in which each party to a trial can obtain evidence from the other side, sometimes asking the court to help them (under rules) or using a subpoena to obtain evidence from a third party. to submit evidence.

According to the order, Starovikoff and Filippov’s attorneys clearly stated that “Google’s discovery of computers or devices used in the Defendant’s investigation, and the discovery of Defendant’s devices, were in fact physically controlled and owned by the Defendants.” “I suggested limiting it to devices.”

Google denied this and the device was never replaced.

In its June 9 order, the district court believed defendants sought discovery “only to learn whether they could circumvent the steps Google took to block the malware described in the complaint.” There is a reason,’ he explained. .”

Google’s claims against the man and his co-defendants fall under the Racketeer Influenced and Corrupt Organizations Act, the Computer Fraud and Abuse Act, the Electronic Communications Privacy Act, and the Lanham Act.

According to the order:

According to the order, Google subsequently rejected the defendant’s offer as extortionate and reported it to law enforcement.

The defendants have since sought sanctions from the court “for threatening to file criminal charges against Google in order to benefit from a civil lawsuit.” Judge Cote denied this motion.

The New York judge also sanctioned the two attorneys, Mr. Litvak, saying they “have a duty to be forthright with the courts, including a duty to promptly correct any unintentional misrepresentations.” . The trio must pay Google LLC’s attorneys’ fees and costs.

Also note that Starovikov, Filippov, and Litvak all contested “intentional misrepresentation to Google or the court.”

The pair never appeared in court.

We reached out to Google for comment.

Litvak emailed this statement to The Reg.

