The malicious code named Glupteba, which was managed by the world-famous search engine Google to take it offline an estimated 1 year ago, is back.
It is a fact that computers, phones, tablets and the internet are completely a part of our lives. While this is the case, non-benevolent coding continues to surf the internet. One of these programs, Glupteba, the malicious coding that Google, the world-famous search engine, managed to bring offline an estimated 1 year ago, has returned to the software world and seems to be even stronger than before.
Glupteba software seems to be back after 1 year waiting period.
Cybersecurity experts explained that there are examples such as Glupteba, where reverse engineering has been adapted outside of TLS certificate records, blockchain applications. It is stated that this ill-intentioned coding has been active since the end of the summer months, and it may be a part of another big project.
It is thought that the original intention of the Glupteba software is to infect as many technological equipment as possible and to use it as an intermediary to create botnets on these devices. These botnets can be hired mostly to serve malicious individuals of crypto mining operations, DDoS attacks, and malicious coding online.
The malicious software is mostly disguising itself as free coding and is listed on the updated list of C2 servers via the Bitcoin blockchain. Creating a C2 server is not only financially easy, but with the Bitcoin blockchain being immutable, it is very difficult to crash the botnet.
The fact that the applications in the Bitcoin blockchain are open to everyone allows this application to be followed. By analyzing the applications made, it can be determined who or who is behind each address or transaction. So far, the Glupteba coding has been identified as using fifteen Bitcoin addresses.
The previous malicious software botnet of Glupteba coding was removed by Google in December 2021. The company managed to get a court order to seize the botnet's infrastructure. Although it has been considered that the danger has disappeared since then, the fact that the Glupteba software continues to work in the background has created uneasiness.
.Source:
https://shiftdelete.net/kotu-amacli-yazilim-geri-dondu
