CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks
CrowdStrike, in collaboration with Google and Shadowserver, successfully dismantled the Glassworm botnet that targeted software developers. This botnet was responsible for distributing malware and stealing passwords from open-source projects over the past two years. The operation disrupted the hackers' access to infected systems, preventing further malicious activities.
- ▪The Glassworm botnet targeted open-source software developers for two years.
- ▪CrowdStrike took down four command-and-control channels used by the hackers.
- ▪The hackers exploited trust in code hosted on platforms like GitHub to deliver malware.
Opening excerpt (first ~120 words) tap to expand
CrowdStrike, working with Google and Shadowserver, a nonprofit organization that scans and monitors the internet for cyberattacks, took down a botnet that cybercriminals used to push malware and steal passwords from open-source software developers. The takedown operation had the goal of disrupting the activities of the cybercriminals behind the so-called Glassworm botnet, who have been targeting the broader open source software supply chain for two years, according to CrowdStrike. In recent months, several hacking groups have targeted developers and open source projects to push malicious software to companies and organizations who in turn use that software.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at TechCrunch.
Discussion
0 commentsMore from TechCrunch
