On Tuesday, Judge Cote granted Google a temporary restraining order against the operators of a blockchain enabled “botnet.”  As the complaint explains, a “botnet” is “a network of internet-connected devices (bots), each of which are infected by malware,” and whose “computing power grows with each new device that is infected.” The complaint describes the particular botnet at issue as a modern version of organized crime:

Defendants are Russian cybercriminals who have silently infiltrated more than a million computers and other devices around the globe to create a network—the Glupteba “botnet”—to use for illicit purposes, including the theft and unauthorized use of Google users’ login and account information. Defendants use the Glupteba botnet to further a range of cybercrimes and to conceal criminal conduct. And at any moment, the power of the Glupteba botnet could be leveraged for use in a powerful ransomware or distributed denial-of-service (“DDoS”) attack.

Defendants Dmitry Starovikov, Alexander Filippov, and other unknown individuals work in concert to grow, control, and profit from the Glupteba botnet. Defendants and their criminal enterprise . . .  represent a modern technological and borderless incarnation of organized crime.

The complaint asserts a federal RICO claim, violations of the Computer Fraud and Abuse Act, violations of the Electronic Communications Privacy Act, trademark infringement, tortious interference with business relationships, and unjust enrichment.

Google stated that its goal in filing the complaint was to “set a precedent, create legal liability for the botnet operators, and help deter future activity.”

In awarding the temporary restraining order, Judge Cote stated:

Google has established that it will suffer immediate, irreparable harm if this Court denies its request for a temporary restraining order. In particular, it has shown that the Defendants—through their participation in, and operation of, the Glupteba Enterprise—have threatened the security of the internet, including Google platforms, by transmitting malware through the internet to configure, deploy, and operate a botnet. The Enterprise has distributed malware on devices of Google users, compromising the security of those devices and continues to issue commands to those devices to carry out criminal activities, such as selling access to Google user accounts and selling fraudulent credit cards to use on those accounts.

. . .

In addition, Defendants’ conduct is infringing Google’s trademarks, injuring Google’s goodwill, and damaging its reputation by creating confusion as to the source of the Glupteba malware because the Defendants use a domain that infringes Google’s YouTube mark to distribute malware. That constitutes irreparable harm.

A hearing on Google’s Order to Show Cause for a preliminary injunction is scheduled for December 16, 2021. Judge Cote has ordered the defendants to appear in person, and has authorized them to be served electronically.