# CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks _Friday, June 26, 2026 at 12:56 AM EDT · Cybersecurity · Latest · Tier 2 — Notable_ ![CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks — Primary](https://techcrunch.com/wp-content/uploads/2026/05/source-code-on-screen.jpg?resize=1200,704) CrowdStrike, working with Google and Shadowserver, a nonprofit organization that scans and monitors the internet for cyberattacks, took down a botnet that cybercriminals used to push malware and steal passwords from open source software developers. The takedown disrupted the Glassworm botnet, which has targeted the open source software supply chain for two years, according to CrowdStrike. Several hacking groups have targeted developers and open source projects to push malicious software to companies and organizations. These attacks exploit the trust companies put into code hosted on platforms like GitHub. CrowdStrike said adversaries are no longer just targeting products but the developers who build them. Developers represent uniquely high value targets because compromising a single developers workstation can cascade into a supply chain compromise that impacts thousands of downstream organizations and users, the company reported. The hackers used several strategies to push out their malicious code, including publishing malicious extensions on a marketplace used by developers. They also used malvertising in which hackers pay for sponsored search results that trick victims into downloading malware. The group used credentials stolen in previous hacks to hijack developer accounts and plant malware in their code. CrowdStrike took down four command and control channels used by the hackers. This cut the hackers access to infected computers and stopped them from delivering more malware. The servers relied on the Solana blockchain, the BitTorrent peer to peer network, Google Calendar, and virtual private servers, according to the company. It is not clear what legal or technical authority CrowdStrike and others used for the takedown. When asked by TechCrunch, CrowdStrike spokesperson Kirsten Speas declined to comment beyond the company's blog. ## Sources - [TechCrunch](https://techcrunch.com/2026/05/27/crowdstrike-and-google-take-down-botnet-used-by-hackers-to-target-software-developers-in-supply-chain-attacks/) --- Canonical: https://techandbusiness.org/newswire/xa2LJ5eTlv3o3Jn7j0JXCs Retrieved: 2026-06-26T10:50:15.201Z Publisher: Tech & Business (techandbusiness.org)